Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

EU Court Leaves Facebook More Exposed to Privacy Challenges

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies.

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies.

Under the EU’s stringent privacy rules, known as the General Data Protection Regulation, only one country’s national data protection authority has the power to handle legal cases involving cross-border data complaints in a system known as “one-stop shop.” For Facebook, which has its European headquarters in Dublin, it is Ireland’s Data Protection Commission.

However, the European Union’s Court of Justice ruled that “under certain conditions,” a national watchdog has the power to take a company to court over a GDPR violation even if it’s not the lead regulator.

The ruling is in line with a preliminary opinion from a court adviser and, according to experts, potentially paves the way for a fresh onslaught of privacy cases across the EU’s 27 member nations.

The court’s decision brings to an end a lengthy legal battle between Facebook and Belgium’s data protection authority over jurisdiction for the case, which centered on the social network’s use of cookies to track behavior of internet users, even those who weren’t account holders. The company had argued that the Belgian watchdog no longer had jurisdiction after GDPR took effect in 2018.

Facebook painted it as a victory, noting that under the ruling the Irish regulator would remain in the lead except in limited circumstances.

“We are pleased that the CJEU has upheld the value and principles of the one-stop-shop mechanism, and highlighted its importance in ensuring the efficient and consistent application of GDPR across the EU,” Jack Gilbert, the company’s associate general counsel, said.

Ireland’s privacy watchdog has been criticized for taking too long resolve a growing number of GDPR cases involving tech giants including Apple, Twitter, Google and Instagram but it argues that the cases are complicated.

Advertisement. Scroll to continue reading.

Related: EU Court Opinion Leaves Facebook More Exposed Over Privacy

Related: Facebook May Have to Stop Moving EU User Data to US

Related: Facebook Spars With EU Regulator Over Dating App Delay

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Compliance

Web scraping is a sensitive issue. Should a third party be allowed to visit a website and use automated tools to gather and store...

Cloud Security

Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.