Breaking News

The lawsuit against Google and Facebook for forcing users 

According to an Austrian activist, the signatures are already violating the new European privacy rules

It has not been more than a weekend since the new European privacy law came into effect and on Friday an Austrian activist accused Google, Facebook, Instagram, and WhatsApp of "illegally updating" their privacy policies, forcing the users to accept the new terms or lose access. 

Max Schrems said in an interview with Reuters that the "take it or leave it" approach violates the right of people under the General Data Protection Regulation (GDPR) to choose freely if it allows companies to use their data or not.

"You have to have a 'yes or no' option," Schrems said before filing formal complaints before several European jurisdictions. "Many of these companies now force you to give your consent to the new privacy policy, which is totally contrary to the law," he said.

The GDPR reviews data protection laws in the European Union that predate the Internet boom and, in addition, to set stricter rules for organizations that collect and process data, imposes fines, in the case of companies, of up to 4 percent. percent of global revenue. 

According to Reuters, Andrea Jelinek, who heads the Austrian Data Protection Authority and a new European Data Protection Board set up under GDPR, appeared to express sympathy for Schrems' arguments at a press conference in Brussels. On Schrems' complaints, Jelinek said: "If there is a forced consent, there is no consent."

Schrems is known to have taken the court to Facebook. Since 2008 he has been a privacy activist and in 2011 he decided to take Facebook before the courts, after the revelations that Edward Snowden made about the global surveillance network organized by the US National Security Agency (NSA), in collaboration with the INC. The Austrian won a landmark court ruling in 2015, an important precedent in the field of privacy rights in European legislation. 

The case of Schrems ended with an agreement that allowed companies to transfer personal data from the EU to the United States, where data protection is less strict.

On Friday, at the head of a non-profit organization that he recently created, he filed complaints about "forced consent." The new organization,, would plan new legal actions on the illegal use of user data for advertising purposes or "fictitious consent". 

In a statement on the website, Noyb clarified that "forced consent" exists when social networks group information clauses and do not allow consent to each of the permits they request. Likewise, when it is not possible to use the service until a 'pop-up' message is answered. 

Schrems showed Reuters how an emerging message on Facebook seeks consent to use their data and how it blocks when it is denied. "The only way (to remove it from the screen) is to really accept it, otherwise you can not use your Facebook anymore," explained Schrems. "As you can see, I have my messages there and I can not read them unless I agree," he added. 

"With this complaint, we want to make sure that GDPR is implemented in a sensible way: without only moving towards the 'consent fishing'," says the portal.

For her part, Erin Egan, Facebook's privacy director, said in a statement that the company has been preparing for 18 months to ensure that it complies with GDPR requirements by making its policies clearer and its privacy settings. be easier to find. 

Facebook, which has more than 2 billion regular users, has also said that advertising allows it to stay free and that the entire service, including ads, must be customized according to the user's data.

The other complaints of Schrems

Schrems said, however, that Instagram and the instant messaging service WhatsApp (both applications are owned by Facebook), also use these pop-ups to obtain consent and exclude the possibility of users to refuse. 

In the case of the action presented by Noyb against Google, the organization talks about the new smartphones that use its Android operating system. According to Schrems, buyers must either deliver their data or own "a brick of 1,000 euros". 

In total, he is filing four complaints with the data protection authorities in France, Belgium, Germany, and Austria. If successful, the processes would come to see later litigation in Ireland, where both Facebook and Google have their European headquarters.

A presentation, made against Facebook on behalf of an Austrian woman, asks the country's data protection authority to investigate and, as appropriate, prohibit data processing operations based on invalid consent. 

It also asks the regulator to impose "effective, proportionate and dissuasive" fines as foreseen by GDPR, which in the case of Facebook could reach 1,300 million euros (1,500 million dollars). 

Until now, it was cheaper to ignore privacy rights - said Schrems - Now, hopefully, it will be cheaper to follow them because the sanctions are very high. 

No comments