Court condemns Facebook’s use of personal data


After a lengthy battle with the Federation of German Consumer Organisations (“FGCO”) regarding Facebook’s data protection policies, the Berlin Regional Court (“BRC”) has found that Facebook’s use of its users’ data was illegal.

Facebook had failed to obtain consent to use personal data for their advertising purposes, according to the BRC. The social media giant’s failure to obtain consent was a result of its default privacy settings applied to each user account, including the default activation of the location services for those using the Facebook app, particularly given the lack of information provided to its users.

Heiko Dünkel, the litigation policy officer for the Federation of German Consumer Organisations, said “Facebook hides default settings that are not privacy-friendly in its privacy centre and does not provide sufficient information about this when users register. This does not meet the requirement for informed consent”.

All five of Facebook’s default privacy settings were deemed to be illegal, one of which allows search engines to link to a user’s timeline, as well a further eight of the clauses contained in their Terms and Conditions, including a provision which allows Facebook to transmit data to the US.

This verdict comes ahead of the implementation of the General Data Protection Regulations (Regulation (EU) 2016/679), or ‘GDPR’. The European Parliament intends to strengthen and unify data protection for all EU citizens and GDPR will see stricter controls to govern the processing and storage of data. GDPR will come into force on 28 May 2018 and will affect all companies storing personal information about citizens in Europe, including companies on other continents.

Hayley Blackburn


Corporate and Commercial Team

0113 207 1099