The European Court of Justice ruled in favor of the Belgian data protection authority in a case between it and Facebook. A decision not without repercussions.
Court of Justice of the European Union (CJEU) On Tuesday he spoke about a preliminary question related to the case between the Belgian Data Protection Authority (ADP) and Facebook. However, the consequences of this decision will appear. outside the borders of little Belgium.
“In the context of the appeals proceedings, Facebook Belgium in particular confirms that the Department of Political Affairs no longer has the authority to appeal the main proceedings because it is not the main supervisory authority.”
National supervisory authorities can now attack tech giants, says European Court For violating the General Data Protection Regulation (GDPR), regardless of where the company’s main office is located in the European Union.
This famous General Data Protection Regulation was implemented in particular As a system to combat violations of personal data protection within the Federation. It should make it possible to ensure the effective and consistent application of the rules.
However, this transnational system quickly showed border. In fact, the procedure and decision of the application was based on the following: Fully from the leading authority, i.e. the authority of the country in which the head office of the company is located. This principle, known as the “single window”, has been hit hard Effective application of rules and protection of persons. Therefore, this Tuesday’s decision comes to fill these shortcomings.
A case dating back to 2015
The origins of this decision go back to 2015 in Belgium. At that time, the Privacy Commission, which later became the Data Protection Department, decided Take legal action against Facebook’s practices. The Belgian organization then criticized the digital giant for monitoring the browsing behavior of Internet users via “cookies”, “plugins” and “pixels” and then using this information for targeted advertising.
“Most of the big tech companies are based in Ireland. It should not be the power of this country alone to protect the 500 million consumers in the EU, especially if it is not up to the challenge.”
Thus, the question presented to the European Court by the Brussels Court of Appeal mainly revolved around jurisdiction from ODA to take legal action against Facebook, while this company is based in Europe in Ireland. Meanwhile, the GDPR and the “one window” principle came into force.
In the context of the appeal procedure, Facebook Belgium confirms in particular that as the new GDPR ‘single window’ mechanism is in operation, the DPA It no longer has jurisdiction to appeal key proceedings because it is not the main supervisory authority. Regarding the cross-border processing in question, the main supervisory authority will beIrish Data Protection Commission. The principal organization of the European Union controller is located in Ireland (Facebook Ireland Ltd)”CJEU Attorney General Michel Bobek بو, in its conclusions last January.
GAFA in sight
As I understand, if this decision is made after legal action against Facebook, It will affect all GAFAOr Google, Apple, Facebook and Amazon.
Indeed, all European national authorities will be able to proactively take matters into their own hands and use their full powers when they consider that consumers’ rights are being infringed.
“Most of the big tech companies are located in Ireland. It should not be the power of this country alone to protect 500 million consumers in the EU, especially if it is not up to the challenge,” Monique Goins noted, Director General of the European Consumers Organization (BEUC), in response to the decision.
“Certified tv guru. Reader. Professional writer. Avid introvert. Extreme pop culture buff.”