If you like our news articles, subscribe here to receive our newsletter.

NOYB, a European not-for profit group which champions information privacy has filed complaints against Facebook, Instagram, WhatsApp and Google for breaches of GDPR. The complaints have been filed with the data protection supervisory bodies in a number of EEA member states where the complainant users live. NOYB also envisages the involvement of the Data Protection Commissioner in Ireland as 3 of the companies are headquartered there.

The complaints centre on what NOYB alleges is the companies’ attempt to force consent, by making the use of their services conditional upon users giving consent to their data being used for targeted advertising. This is specifically prohibited by GDPR, as is putting the request for consent in amongst standard terms and conditions. The request should be separated out from other contractual clauses and highlighted to the user. Given the size of the companies involved the potential fines could be billions of euros. This represents the first big test of the GDPR and whether its bite will be as bad as its bark.

Remember: when you are seeking the appropriate consents from your service users it must be freely given, specific, informed and unambiguous. The Information Commissioner’s Office (the supervisory body for data protection in the UK) has the power to impose fines of up to €20million in respect of GDPR breaches. Contact Claire Wilson for advice and assistance in making your organisation GDPR compliant.

Chambers 2020 Logo