EU Court Opens Up Floodgates for GDPR

Facebook, Google, and other tech companies could face a vast wave of new data privacy cases in Europe

EU Court Opens Up Floodgates for GDPR

The EU implemented GDPR in 2018, which allows consumers greater say over how their data is handled and used. Initially, any privacy complaints against tech firms like Facebook, for example, would be sent to Ireland’s Data ProtectionCommissioner, as the company’s European headquarters are in Ireland.

On Wednesday, however, the European Court of Justice ruled that privacy complaints do not have to be taken to the domestic regulator. The ruling comes as no surprise given that Ireland's Data Protection Commissioner is notoriously underfunded and slow-moving. This will open a door for more investigations into privacy concerns throughout Europe.

The recent opinion comes after a 2015 ruling from a Belgian court stating that Facebook breached privacy rules for monitoring internet users’ browsing history regardless of whether they had signed up for Facebook or not. Facebook’s position was that only courts in Ireland could rule on the company’s privacy practices given the location of its headquarters in Dublin. The Belgian Data Protection Authority in return asked the ECJ to give clarity on the legal jurisdiction and the situation in question.

“The GDPR permits the data protection authority of a Member State to bring proceedings before a court of that State for an alleged infringement of the GDPR with respect to cross-border data processing, despite it not being the lead data protection authority entrusted with a general power to commence such proceedings,” the ECJ’s Advocate General stated after the ruling was announced on Wednesday.

The Advocate General’s opinion is not necessarily completely binding though. It is, however, taken into consideration by ECJ judges in future rulings. Concerns over data protection have grown in recent years in the wake of different scandals. This includes the Cambridge Analytica-Facebook saga that emerged in2018, where users’ data was being used to try to influence the outcome of elections.

“We are pleased that the Advocate General has reaffirmed the value and principles of the one-stop-shop mechanism, which was introduced to ensure the efficient and consistent application of GDPR. We await the Court’s final verdict,” said Jack Gilbert, associate general counsel at Facebook, while speaking with reporters recently.



More News Stories

February 13, 2024
The Digital Odyssey: Navigating Complexity and Triumphs in the Auditor's Tale

In the ever-shifting tides of modern business, the role of internal auditors has undergone a seismic transformation, navigating a labyrinth of complexity that rivals the twists and turns of a riveting thriller

Read story
May 22, 2023
Protecting Third-Party Data Within SaaS Solutions

Modern-day organizations have become increasingly reliant on various third-party software in order to operate effectively. The covid-19 pandemic and the newly blooming remote work environment brought a greater reliance on third-party software such as Microsoft Office or Salesforce

Read story
May 3, 2023
Is your Software Supply Chain Vulnerable to Cyber Threats?

It probably won't come as a surprise that modern organizations have had a growing reliance on various forms of software to operate effectively and efficiently

Read story