A hearing in the High Court has seen Google Inc challenge the applicability of English Law to its operations in the UK, which run off servers based in California. The case has caused individuals to increasingly question whether Google and other platforms, such as Twitter and Facebook, have remained veiled behind their terms of service to evade liability in the UK, and what the future may be for firms based in the US, which have service users in the UK.
Bypassing security settings
In the case which is still ongoing, British based users are suing the web giant for bypassing security settings on their Apple iPhones and Mac computers which may have allowed Google to track them online without their knowledge.
This is not the first time that the issue of jurisdiction has reared its head in relation to privacy law for the internet giant. In Alfacs Vacances SL v. Google Spain SL, disturbing photographs of corpses burned at an accident on the Claimants campsite in 1978 were publicly available on the internet. The accident had not been in any way the fault of the campsite and yet it was still coming back as the “top search” result on Google for the campsite.
The effect on the business owner’s livelihood from this extremely damaging unwanted publicity was considerable. Though Alfacs Vacances had sent notices to Google Inc., the complaint was filed exclusively against Google Spain SL, its Spanish subsidiary, whose activity is limited to marketing and advertising services.
Download resources on data privacy
Outside European jurisdiction
As the entity actually running the search engine was Google Inc, Google Spain alleged lack of standing to be sued and the judge dismissed the case. This may contrast with Yahoo and Microsoft which offer email and other services to European consumers through local operations and therefore could potentially be sued under European legislation.
Such jurisdictional issues are an ongoing concern for European Legislators, indeed the European Commission’s 2012 paper Safeguarding Privacy in a Connected World specifically highlighted the need for reform. It suggested that site providers should not be able to raise the argument of lack of standing, thus legitimately circumventing privacy rules if the parent Company is outside of the Europe.
Concerns over online privacy
Users should also be aware that social media sites such as Twitter and Facebook present significant concerns in relation to online privacy and the level of control and understanding which individuals can exert over their online presence in terms of their privacy - indeed Twitter’s operations are based in the USA which may mean that it is difficult to enforce UK law.
European legal briefings on social media
By contrast, Facebook offers its services to Britons through its Dublin branch meaning that users can hold the social network to account under European privacy.
Clearly the extent to which individuals and companies can aim to protect themselves will be dependent upon the sophistication of their knowledge when it comes to using computer based technologies.
It will be interesting to see how the Court respond to Google’s submissions in the current Google case but in the interim website users would do well to remember that they can still control what they upload to sites and what services they choose to use.
How to protect your online reputation
Users of websites who are concerned about their privacy should consider taking the following steps to manage their online presence:
- Regularly review the content of online accounts;
- Ensure all privacy settings are up to date on computers and mobiles;
- Familiarise yourself with site terms and conditions concerning privacy;
- Think before uploading content (especially personal information like addresses and your date of birth) as you can’t always control who reads it or if it can be deleted.
Stephen Lansdown (pictured), is a partner, and Laura Scaife a solicitor, with Hill Dickinson.
This was first published in September 2013