European Court Backs National Watchdog Data Enforcement

Facebook, Twitter and Google could be facing even more scrutiny and censor in Europe after a ruling by the EU Court of Justice.

Europe’s top court has on Tuesday ruled that national data regulators have the power (under certain conditions) to pursue their own cases against major tech (mostly US-based) companies, even when they are not the lead regulator for the tech firm.

Under the current setup, Ireland’s data protection watchdog has for many years acted as the lead regulator in Europe, because firms such as Facebook, Google, Apple, and Twitter all have their European headquarters located in that country.

Image credit: European Commission

Court ruling

The ruling on Tuesday came after a probe by Belgian authorities (the Belgian Privacy Commission) in 2015 against Facebook, which claimed the social media giant did not adequately notify users about data collection and use.

It sought an injunction against Facebook Ireland, Facebook Inc. and Facebook Belgium, aiming to put an end to alleged infringements of data protection laws by Facebook.

Facebook however had argued that the complaint about Facebook in Belgium should rightfully be heard in Ireland, where Facebook’s headquarters is based.

But Europe’s top court has backed the quest by the Belgian Privacy Commission to conduct its own investigations.

“Under certain conditions, a national supervisory authority may exercise its power to bring any alleged infringement of the GDPR before a court of a member state, even though that authority is not the lead supervisory authority with regard to that processing,” the court’s ruling reads.

At the moment, the EU’s General Data Protection Regulation (GDPR) puts the authority in a company’s chosen European headquarters (i.e. Ireland) in charge of overseeing it under its one-stop-shop system.

Note this case began before the GDPR rules came into effect.

With this decision however, it means the American tech giants like Facebook, Google, Twitter and Apple may face investigations from more bloc members under certain circumstances.

Irish critics

The ruling is noteworthy because of reported frustration in some quarters with the Irish data protection watchdog, who some feel is too slow at enforcing GDPR rules on US tech giants.

German officials, such as Hamburg-based data regulator Johannes Caspar, have accused the Irish regulator of letting tech companies away with too much and imposing fines that are too low, Irish media have reported.

For its part the Irish Data Protection Commissioner has argued that it must handle complaints and enforcement procedures meticulously, so that its enforcement decisions do not end in courts for years.

Last month, Austrian privacy campaigner Max Schrems reportedly told an Oireachtas Committee that Europeans seeking to vindicate their privacy rights under GDPR are now trying to find ways around Ireland’s privacy regulator because of what he claims is chronic non-enforcement.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago