Sergey Nivens - Fotolia

Facebook wins first round in European privacy battle

Facebook has welcomed a Vienna court’s rejection of a 25,000-strong class action lawsuit against the social networking firm for allegedly breaching European privacy laws

Facebook has won the first round in a legal challenge by European users led by Austrian law graduate and privacy campaigner Max Schrems, but the case is far from over say legal experts.

The social networking firm welcomed a Vienna court’s rejection of a 25,000-strong class action lawsuit against Facebook for allegedly breaching European privacy laws.

The court said it lacked jurisdiction to hear the case seeking €500 compensation for each claimant, totalling €12.5m.

"This litigation was unnecessary and we’re pleased that the court has roundly rejected these claims,” Facebook said in a statement.

Commentators said the court’s ruling is a victory for Facebook, which argued the case was not legitimate, but Schrems has vowed to take the case to a higher regional court and appeal to the Austrian Supreme Court if necessary.

The group led by Schrems is suing the social networking firm for several privacy violations, including tracking their data and Facebook’s alleged involvement in the US National Security Agency’s (NSA) Prism surveillance programme.

The case also claims that the way Facebook monitors users when they use the site’s "Like” buttons breaches European privacy laws.

The group is calling for Facebook to stop mass surveillance, to have a privacy policy that can is easy to understand and to stop collecting data from people, including non-Facebook users.

Schrems is reportedly aiming to establish a landmark case against all US online companies that gather data in Europe.

Read more about proposed European data protection laws

However, the Austrian case is not the only chance of achieving that, because Schrems and his Europe-v-Facebook (EvF) advocacy group has also filed parallel complaints against Facebook in Ireland.

That case was referred to the Court of Justice of the European Union (CJEU) by the high court in Dublin for a ruling on whether Ireland’s data protection commissioner is bound by the Safe Harbour agreement.

EvF is calling for an overhaul of the Safe Harbour agreement on data exchange, signed by the US and EU in 2000.

The case under consideration by the CJEU could decide how Europeans’ data will be shared with US internet firms in future.

Commentators said the ruling could shape international regulations on online information and affect all US companies dealing in Europeans’ data, such as Facebook, Twitter, Google, Microsoft and Yahoo.

The CJEU is also expected to rule on whether an investigation should be launched into allegations by whistleblower Edward Snowden that Facebook passes personal data to the NSA.

The CJEU initially said it would issue its ruling on 24 June 2015, but then postponed the ruling without giving a new date.

Although the Austrian court’s rejection of the case is a good result for Facebook, this is just the start of the case, said PwC Legal partner Stewart Room.

“Schrems is likely to consider an appeal, and it should not be forgotten that other litigation about the same subject matter is currently before the CJEU so we cannot yet say 'case closed',” he told Computer Weekly.

However, Room has warned that businesses should gear up for tougher privacy regulation as the rise of citizen activists like Schrems drive greater powers for regulatory bodies.

“In the past six months, state after state have been recognising the need to allow citizen-based litigation for privacy harm, and this support by courts of the citizen is probably the single most important development in data privacy in the past 10 years,” he told a seminar attended by business privacy representatives in London in June.

Citizen power in court is something that the judiciary in a growing number of countries is supporting when it comes to privacy issues, said Room.

“This is something businesses have got to get to grips with because if we empower the citizen with greater rights of access to justice, they are going to use it,” he said.

Room believes that the natural consequence of the battle between the citizen and the regulators will be that regulators will gradually become equipped with greater powers.

“When they have this new power, they are going to use it, and companies are going to be audited to high heaven and inundated with demands to complete privacy impact assessments,” he said. 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Privacy and data protection

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

There's such a fascinating conflict here. Facebook's business model is based on providing full disclosure of everything to everyone. Sign up and you (mostly) agree to (mostly) forgo any sense of privacy, The whole premise of Facebook is an open community with few barriers.

While we make like the idea of living in a commune, we also want strong doors and blackout shades on our windows. We may choose to share intimacy with our friends and select strangers, but it's anathema when corporations turn into stalkers. Worse when they try profit off our intimate details.

But that's what they do. And that's (mostly) what we signed up for. But then again that's exactly what we don't want. I doubt it'll be stopped for long by a bit of regulation here and there. Some loophole may get temporarily plugged, but a few billion dollars buys a lot of litigation.
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close