fbpx
Court

Facebook set to face Austrian GDPR case following court intervention

Court

Facebook set to face Austrian GDPR case following court intervention

A case filed against Facebook immediately after the General Data Protection Regulation (GDPR) came into effect seems likely to go ahead, following approval from the Austrian Supreme Court.

Max Schrems, an Austrian lawyer and co-founder of the digital rights organisation noyb, filed complaints against Facebook, Google and other major tech companies as soon as GDPR became official on May 25th, 2018, although he claims that the case has been pending for five years. The complaints centre on the idea of “forced consent”, and the allegation that sites like Facebook are threatening to block or restrict services for users who refuse to consent to privacy and data use policies.

Facebook had attempted to block the case, arguing that jurisdiction should fall on the data protection commissioner in Ireland, where its European headquarters are based. However, the Austrian Supreme Court has rejected this claim, and this potentially game-changing ruling means that GDPR lawsuits can be filed by anyone in the European Union.

Along with the accusations of gaining consent in unlawful ways, the case argues that Facebook’s privacy policies and data disclosure are not in compliance with GDPR, and questions how well the company is following the new regulation in general.

Describing himself as “very pleased” with the decision, Schrems argues in a noyb statement that even winning part of the case would be a success, as it would force Facebook to make alterations to its business model that protect users’ online privacy, and that he has confidence in the lawsuit being a success.

If found to be in breach of the GDPR, Facebook could face fines of up to €7bn (£6.2bn), according to ComputerWeekly.com. This would completely dwarf the current largest GDPR fine – a comparatively paltry €50m issued to Google in January. That too stemmed from a late-May complaint by noyb, along with another one from French organisation La Quadrature du Net.

The enormous fines potentially being faced by companies like Facebook are due to their size and yearly revenue, so are beyond what anything a small business would be hit with. Even so, with GDPR noncompliance punishable with a fine of 4% of a company’s annual revenue, a fine can be just as damaging, if not more so, to the average British SME. To make sure your site is fully GDPR compliant, why not speak to the team at Engage Web?

John Murray

Get in touch

Please enable JavaScript in your browser to complete this form.
Acceptance

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

>

Book a consultation with Engage Web