EU court says Facebook can face national privacy cases outside Ireland too

News General Belgium 15 JUN 2021
EU court says Facebook can face national privacy cases outside Ireland too

The EU Court of Justice has upheld the right of national regulators outside Ireland to sue Facebook for privacy violations in the EU. In an appeal against a decision from the Belgian Data Protection Authority, Facebook had claimed that only the Data Protection Commission in Ireland, where Facebook's European operators are based, could conduct such a case. The EU court disagreed, saying the General Data Protection Regulation allows any national regulator to sue in a case of cross-border data processing.

The case was referred to the EU court for an opinion by the Brussels appeals court, which is hearing the Data Protection Authority's case. The EU court's advocate-general already backed the Belgian regulator's position in an opinion issued in January. 

Under the GDPR, companies active in multiple EU countries may choose a 'one-stop shop' for regulatory supervision, usually in the country where they are headquartered. This regulator then handles all the company's compliance across the EU.

However, the Irish national authority has become overwhelmed with cases due to the many large internet companies basing their European businesses there. At the same time regulators in other countries have found it difficult to pursue cases against the internet giants, as they often have no registered legal subsidiary in the other countries. 

The court found that national regulators do not have to rely on the lead supervisory authority for a company, as long as they respect the GDPR's provisions for cooperation and coordination with other countries. The company also does not have to have a local subsidiary, only a presence somewhere in the EU, in order to face a case in national courts. Furthermore, allowing local regulators to pursue their own cases before national courts is in line with the protection of the data subject's fundamental rights to privacy and to effective remedies for protection, the court noted.

The ruling was met with a quick response from the CCIA, the lobby group representing large internet groups like Facebook and Google,. The industry group said that enforcement of the GDPR is likely to become inconsistent across the EU states as a result of the ruling, something lawmakers had tried to avoid with the original one-stop-shop concept. This may also raise the costs of compliance and increase liability, counteracting the original promise to reduce the burden on businesses under the harmonised EU legislation. 

Categories:

General

Companies:

Facebook

Regions:

Europe

Countries:

Belgium

Tags:

Messaging, Regulations, IT - applications, Advertising services, Government policy, Legislation - Lawsuits, Market research, Corporate social responsibility

Related Articles

NETHERLANDS 15 MAR 2023

Facebook found guilty of privacy violations in Netherlands over 10 years

Dutch consumer association Consumentenbond and the Data Privacy Foundation (DPS) have won a class-action lawsuit against Meta's Facebook about the protection of personal data. The ruling means Dutch consumers can claim compensation for privacy violations, although the amounts have yet to be determined. The consumer organisation and privacy group have also started a fresh case against Facebook, saying the company has for years unlawfully sent Dutch user data to the US for storage. 

BELGIUM 21 MAR 2022

Google hit with record fine in Belgium over right to be forgotten in search results

The Belgian Data Protection Authority has issued a fine of EUR 600,000 against Google for failure to comply with the 'right to be forgotten' under the General Data Protection Regulation. The authority confirmed the record amount to Computable. 

EUROPE 23 SEP 2021

Facebook changes cookies menu to comply with EU privacy laws

Facebook announced changes to its cookies policy in Europe to give internet users more control over how the social network collects their personal data. The company said this is part of ongoing efforts to improve compliance with key legislation in the EU, such as the General Data Protection Regulation and the ePrivacy Directive, which covers the use of cookies.

EUROPE 2 SEP 2021

WhatsApp fined EUR 225 million for privacy violations in EU

WhatsApp has been fined EUR 225 million by Ireland's Data Protection Commission for violations of the EU's General Data Protection Regulation. This follows an investigation started in December 2018 over whether WhatsApp made it clear how it collects and uses personal data, including disclosing how it shares data with other Facebook companies.

EUROPE 15 JUL 2021

EU privacy regulators order 'urgent' investigation into WhatsApp, Facebook data sharing

The EU's national data protection regulators have called on the Irish watchdog to conduct an urgent investigation into the recent changes in WhatsApp's privacy policy and how it shares data with parent company Facebook, amid concerns the companies have violated privacy law. The regulators stopped short of taking action against Facebook, saying it was still too unclear how the company was using data on WhatsApp users. 

EUROPE 12 JUL 2021

BEUC files compaint against WhatsApp for breach of EU consumer rights

European consumer body BEUC has filed a complaint with the European Commission and the European network of consumer protection authorities against WhatsApp, citing multiple breaches of EU consumer rights.

NETHERLANDS 5 JUL 2021

Amsterdam court agrees to hear consumer privacy claim against Facebook

A court on Amsterdam has agreed to hear a case against Facebook by the non-profit Data Privacy Stichting (DPS) and Consumentenbond union for alleged privacy violations. Facebook had asked for the case to be declared inadmissible or suspended. 

EUROPE 16 JUN 2021

ICCL files privacy lawsuit against online advertising industry

The Irish Council for Civil Liberties (ICCL) has filed a privacy lawsuit in Germany over online ads. The lawsuit targets Amazon, Google, Facebook, Twitter, AT&T, Verizon and the entire online advertising/tracking industry.

BELGIUM 15 JUN 2021

Ook waakhonden buiten Ierland mogen tegen Facebook optreden om dataverwerking

Het Hof van Justitie van de EU heeft het recht van nationale organisaties in de EU om Facebook aan te klagen wegens privacyschendingen bevestigd. In een beroep tegen een beslissing van de Belgische Gegevensbeschermingsautoriteit had Facebook beweerd dat alleen de Gegevensbeschermingscommissie in Ierland, waar het Europese hoofdkantoor van Facebook is gevestigd, een dergelijke zaak zou kunnen behandelen. Het EU-hof is het daar niet mee eens en zegt dat de Algemene Verordening Gegevensbescherming elke nationa

IRELAND 24 MAY 2021

Data Protection Commission resumes Facebook investigation after High Court ruling

Facebook has been given six weeks by Ireland's Data Protection Commission (DPC) to respond to its investigation into the company's EU-US data transfers, reports Reuters. This follows a ruling from the Irish High Court that the investigation can resume.

EUROPE 15 JAN 2021

Schrems hopes for quick decision on Facebook data transfers after Irish DPC agrees new case terms

The Irish Data Protection Comission (DPC) has agreed to take a swift decision on Facebook's EU-US data flows after a Judicial Review filed by data activist Max Schrems, according to his organisation Noyb. The Irish Data Protection Commission (DPC) oversees the EU operations of Facebook and has been involved in a 7-year-old case brought by Schrems for alleged privacy violations by Facebook.

BELGIUM 14 JAN 2021

Belgian Data Protection Authority gets support in Facebook case from EU court advocate

The Belgian Data Protection Authority has received support from the EU Court of Justice's Advocate General in its case against Facebook. The Belgian regulator has been fighting the social network company since 2015 over its use of cookies, but Facebook claims it only has to answer to the privacy regulator in Ireland, where its EU operations are based. The advocate general said authorities in other countries could still bring court cases against a company under the General Data Protection Regulation in certa

AUSTRALIA 16 DEC 2020

Australia sues Facebook for misleading consumers when promoting app to protect users' data

The Australian Competition and Consumer Commission (ACCC) has started proceedings in the Federal Court against Facebook, and two of its subsidiaries for false, misleading or deceptive conduct when promoting Facebook's Onavo Protect mobile app to Australian consumers. Onavo Protect was a free downloadable software application providing a VPN service.

UNITED STATES 10 DEC 2020

FTC seeks sale of WhatsApp, Instagram in Facebook monopoly case

The US Federal Trade Commission along with 48 states and territories of the US have filed lawsuits against Facebook, accusing the company of illegally maintaining a monopoly in the social networking market. The case centres on the company's takeovers of Instagram and WhatsApp and may lead to Facebook being forced to divest some of its business. Facebook said the regulators were engaging in "revisionist history" by trying to undo acquisitions they had already approved. 

EUROPE 4 DEC 2020

Irish High Court to hear Facebook appeal against data transfer ruling

The Irish Data Protection Commission (DPC) confirmed that Facebook's judicial proceedings against the regulator are scheduled before the Irish High Court on 15 December.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.