German court could set the standard for data permission on Facebook to impact GDPR
13 Feb 2018
A case in a small regional Berlin court brought by a consumer rights group could have a significant impact on the way GDPR is interpreted in the UK this year.
The case brought against Facebook, who are appealing the decision, is about the use of personal data and its implied permissions to micro-target online advertising, pre-check location data settings and the use of data from related Apps like WhatsApp and Instagram to share information.
The case was reported on Reuters.com on 12th February by Hans-Edzard Busemann and Nadine Schimroszik. https://tinyurl.com/FBGermanCourt
So what are the implications for GDPR in the UK?
GDPR applies to all EU citizens or citizens of any country when their data is being used in any EU country. The GDPR fines apply to any company operating in the EU – including Facebook.
One of the key principles within the regulation is that consent needs to be conscious and freely given and clearly this doesn’t appear to be the case under the interpretation of this German court.
Pre-ticked boxes and sharing data in associated but separate businesses (in this instance WhatsApp and Instagram) go against this principle.
As the litigation policy officer stated in respect of the case; ‘Facebook hides default settings that are not privacy-friendly in its privacy center and does not provide sufficient information about it when users register.”
This is not a technical breach based on some nuance of Social Media, it is against one of the key principals of GDPR itself and Germany, who were the originators and lead-sponsors of the new regulation, are leading the way in putting the interpretation of the new law to the test.
It will be very interesting to see how the appeal proceeds and if it forces any changes to Facebook’s policies, procedures or cross-marketing techniques.
It will also be fascinating to see how the ICO Commissioner goes about the enforcement of such matters in the UK and in relation to Social Media platforms in particular once we reach June this year.
For more GDPR news and views, visit gdpr.jaywing.com.
John McDermott is a Chartered Marketer and Head of CRM at Jaywing.