Since its inception FATCA has been under attack for, among other reasons, violating the data protection policies of other countries. Most notably many consider that FATCA violates the European Union’s General Data Protection Regulation (GDPR).
These attacks will likely strengthen in light of a July, 2020, decision of the European Union Court of Justice. This case concerned the objection by a privacy activist residing in Austria to Facebook’s routine transmission of data from its Ireland-based European headquarters to its parent in the United States. The activist argued that the legal framework for data protection in the United States is not sufficient to protect the personal data of residents of the European Union under the GDPR or the Charter of Fundamental Rights of the European Union. The European Commission argued that the protections offered by the United States are adequate, but the Court agreed with the activist. In doing so, the Court invalidated the Privacy Shield, a framework designed by the U.S. Department of Commerce and the European Commission to enable data transfers from the European Union to the United States. This decision is expected to result in increased scrutiny of all forms of data transfers from the European Union to the United States, with transfers pursuant to FATCA being first in line.
William Hoke of Tax Notes recently wrote about how privacy cases like these work to bolster EU privacy challenges to FATCA. Laura Snyder, a founding member of SEAT, is quoted in the article.
Read the article here: Non-FATCA Cases Bolster Privacay Challenges to IRS Data Demands.