Austrian Facebook slayer launches four new cases as EU tightens data privacy

AFP - [email protected]
Austrian Facebook slayer launches four new cases as EU tightens data privacy
Photo: AFP

As a young Austrian law student, Max Schrems took on Facebook and won, and seven years ago he was already raising the alarm over the flaw Cambridge Analytica allegedly exploited to obtain the data of millions of users for political purposes.


So, as a new EU law -- billed as the biggest shake-up of data privacy regulations since the birth of the web -- comes into force on Friday, Schrems  might be forgiven for thinking his work is done.

Far from it. In fact, he has chosen the day to file four complaints with regulators under the new legislation against some of the tech world's biggest names. 

"One is in France against Google on Android, the other one is on Instagram in Belgium, the third one is in Hamburg against WhatsApp and the fourth one is in Austria against Facebook," Schrems told AFP, adding that the cases were being brought by his new NGO None of Your Business.

The problem with all these sites, he said, is with the pop ups that have been appearing on them in recent weeks, asking users to agree to new terms of use. 

He says this amounts to a system of "forced consent" from users.

"All of them basically have a situation where you have to consent to the privacy policy otherwise you're not allowed to use their service.

"It's clear in the law -- there are decisions by European data protection authorities and guidelines that this (practice) is prohibited," he said.

The EU's General Data Protection Regulation (GDPR) aims to make it simpler for people to control how companies use their personal information. 

Facebook's 'apology tour'

According to Schrems, despite "a lot of legal uncertainty, mainly out of the industry lobbying that tried to water the law down", the GDPR represents "a good start" and reflects the high importance already given to privacy in European regulations.

"The laws are pretty much the same as we had before -- the big difference that we have now is that they're enforceable," he said, pointing to the high financial penalties envisaged under GDPR, which for large companies like 
Google or Facebook could run into billions of dollars.

When the Cambridge Analytica scandal broke, Schrems pointed out that the controversial data harvesting methods used by the company were at the heart of the case he brought against Facebook back in 2011.

And Facebook's claims that it had been betrayed were "laughable", he said.

So what does he make of Mark Zuckerberg's recent appearances before Congress in Washington and, this week, before the European Parliament?

"It's probably the 51st 'we are so sorry for what we did' tour," he said with a wry smile.

The fact that Zuckerberg is now facing the music personally, rather than sending spokespeople, is probably a positive sign that pressure is rising on the company, he said.

But nevertheless, he is clear that bringing the giants of the tech world to heel will be a long process.

"It will probably take 20 years until they don't have to argue... because they're finally complying with stuff, but it is a first step, I guess."


Join the conversation in our comments section below. Share your own views and experience and if you have a question or suggestion for our journalists then email us at [email protected].
Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.

Please log in to leave a comment.

See Also