Document Type


Publication Date



For the second time this decade, the Court of Justice of the European Union has struck a blow against the principal mechanisms for personal data transfer to the United States. In Data Protection Commissioner v Facebook Ireland, Maximillian Schrems, the Court declared the EU-US Privacy Shield invalid and placed significant hurdles to the process of transferring personal data from the European Union to the United States via the mechanism of Standard Contractual Clauses. Many have begun to suggest data localization as the solution to the problem of data transfer; that is, don’t transfer the data at all. I argue that data localization neither solves the problem of foreign surveillance, nor enhances personal privacy, while undermining other values embraced by the European Union.

Publication Citation

Forthcoming in the Journal of International Economic Law (Sept. 2020)