Facebook Ordered To Stop Collecting German WhatsApp Data (bloomberg.com) 32
Facebook was ordered to stop collecting German users' data from its WhatsApp unit, after a regulator in the nation said the company's attempt to make users agree to the practice in its updated terms isn't legal. From a report: Johannes Caspar, who heads Hamburg's privacy authority, issued a three-month emergency ban, prohibiting Facebook from continuing with the data collection. He also asked a panel of European Union data regulators to take action and issue a ruling across the 27-nation bloc. The new WhatsApp terms enabling the data scoop are invalid because they are intransparent, inconsistent and overly broad, he said. "The order aims to secure the rights and freedoms of millions of users which are agreeing to the terms Germany-wide," Caspar said in a statement on Tuesday. "We need to prevent damage and disadvantages linked to such a black-box-procedure." The order strikes at the heart of Facebook's business model and advertising strategy. It echoes a similar and contested step by Germany's antitrust office attacking the network's habit of collecting data about what users do online and merging the information with their Facebook profiles. That trove of information allows ads to be tailored to individual users -- creating a cash cow for Facebook.
I have altered the deal (Score:4, Funny)
Facebook: "I have altered the deal, pray I do not alter it further"
Disney sends in the lawyer army: "Begun, the lawyer wars have"
Re: (Score:1)
Re: (Score:3)
No. It is probably illegal what they are currently doing. Which is probably why they postponed it for EU citizens for months before even trying. Saw it for the first time today, and I can still ignore it..
GPDR compliant privacy policy (Score:5, Informative)
I think you need to read up about Schrems I and II. FB and Google's "GPDR compliant privacy policy" is not acceptable under GPDR because US gov can access the data anyway, by US law. Therefore the PP is bollocks, and the behaviour illegal.
https://noyb.eu/en/ [noyb.eu]
Re:GPDR compliant privacy policy (Score:5, Informative)
If you've ever read the GDPR you'd realise American access to the data is the least of their lack of compliance. There are entire sections which aren't implemented, specifically most of the sections in Chapter 3 - Rights of the Data Subject, and let's face it, their consent process is completely lacking as well.
Re: (Score:1)
Yeah, you don't understand the GDPR so your comment is worthless.
Basically, Whatsapp is coercing people into giving up their data; that's not allowed.
Re: (Score:1)
Gmail: still free
Discord: still free
Bing: still free
whois: still free (and if you use the web for whois, then you should stop doing that ASAP)
The deal with the internet has never been that you get to abuse my information in return for providing a smidge of service. Anyone operating under that assumption is a certified asshole. You can still show me ads, you just can't go around selling my profile to who knows who. And offering me something in return for giving up my rights is illegal. If that's enough for F
Re: (Score:2)
Gmail is most definitely not free. The question is, does it cost more of your privacy as a Google product vs a Facebook product?
Re: (Score:2, Interesting)
Exactly this - no choice means no consent, no consent means data collection is illegal (in most cases). You could call it statutory data theft.
However there is an exception if a paid alternative without data collection is actually offered. FB/WhatsApp don't, so there is no valid consent.
Re: (Score:2)
You clearly miss the point that when it comes to the GDPR, there are different bases of processing depending on the data use. When you sign up with e.g. gmail, the primary purpose of processing is to provide you with the email service, which may require some access by sub-processors in order to fulfill. Now you can either do that on a basis of consent (safest) or one of contractual necessity. Most avoid contractual necessity in these cases, as its use alone pretty much brings immediate scrutiny from supervi
Re:Germany: Good luck with that (Score:5, Informative)
Yeah, you don't understand the GDPR so your comment is worthless.
GDPR says you can't share my data with ANYBODY without clear, unambiguous consent.
Things like hiding the 'consent' in the middle of a long EULA are specifically outlawed by GDPR. The user has to be completely aware if what's being done and specifically agree to that (which probably very few users would if it was spelled out to them properly).
Bottom line: Facebook can't use my Whatsapp info for anything that's not directly Whatsapp related.
Re: (Score:2)
If consent isn't voluntary and isn't informed, it can't be used as a legal basis for processing, period. I really don't understand corporate apologists who take more issue with a government taking steps to ensure their citizen's fundamental rights aren't being trampled by a corporation that lied about this exact situation never happening at the time when the acquisition cleared regulatory oversight than the bad behaviour of the corporation in question. What exactly do you get out of it?
Re: (Score:2)
Are you mentally ill?
What do you actually get out of posting this shit?
Re: (Score:2)
One Year from Now (Score:5, Insightful)
... Facebook believed it had complied with the agency's order, but due to a system misconfiguration had actually continued to store the prohibited data ...
And don't forget the non-apology... (Score:3)
...we'd like to apologise to anyone who feels we did something wrong. After all, your privacy is very important to us, because we make money violating it.
Re: (Score:3)
Facebook believed it had complied with the agency's order, but due to a system misconfiguration had actually continued to store the prohibited data
Fortunately, I don't think this crap will fly with GDPR.
Unintentionally violating the order may (?) reduce the fines, but that's about it.
Now we just need a similar law in US.
Re: (Score:2)
... Facebook believed it had complied with the agency's order, but due to a system misconfiguration had actually continued to store the prohibited data ...
Then European countries would be laughing to the bank when FB got astronomical fines based on a percentage of their global annual revenue (not just profit).
Laws can be altered, loopholes plugged.. (Score:5, Interesting)
Facebook WhatsApp new "Click OK to agree to The Terms", seems to be overly broad in their legal language.
This seems to be a call for FB WhatsApp to explain exactly how they are going to use/share the data.
In parallel this could lead to stronger laws.
Germans are also worried about FB/WhatsApp influencing voters in the upcoming election... not without cause.
Re: Laws can be altered, loopholes plugged.. (Score:3)
Cloick OK (Score:2)
The GDPR explicitly prohibits the general terms option.
Consent must be
Interesting Test (Score:4, Interesting)
So the reason that this will be interesting will be that a German legislator, Johannes Caspar, has made this determination that Facebook are in violation of the GDPR and are collecting data concerning German nationals illegally. But the legislation that Caspar cites is the GDPR.
Which means, pretty much, that Capar is asserting that Facebook are de-facto breaking the law in all other EU nations, as well as the UK. But what happens if other EU nations examine the same evidence and make a different determination? Presumably they can, because although the GDPR is a pan-European piece of legislation, it will be tested and examined in national courts.
But take this one stage further. Suppose "Country A" examines the evidence and determines that Facebook are guilty. Then "Country B" examines the same evidence and makes the opposite determination. Immediately, Facebook are going to take the "Country A" rulling to the CJEU (Court of Justice of the European Union) in an attempt to have it over-turned, citing the "Country B" result as case law [Country A can't argue that an out-of-nation ruling can't apply when it has enacted the same law]. Meanwhile, we can assume that "Country B" will attempt the inverse of this.
At which point this lovely little mess is going to end up at the CJEU.
My guess is that when that happens, they will slice very fine, looking for separation between the rulings on different points of law. Which might mean that some of the rulings against Facebook may be vacated, whilst others will not. And at that point, all nations in the EU will be able, should they wish, to move forward on that basis, limiting what Facebook can do with the data of their citizens. And a right merry little mound of litigation will follow, earning small and large fortunes for various law firms.
Re: (Score:2)
Most EU countries use civil law so even two courts in one single country can come to different conclusions in similar cases.
Re: (Score:2)
Most EU countries use civil law so even two courts in one single country can come to different conclusions in similar cases.
That has nothing to do with civil law. The same is true everywhere. That's why appellate courts and, ultimately, courts of last resort exist. The U.S. Supreme Court, for example, mainly gets involved to resolve conflicting rulings from two or more of the appellate circuit courts.
Re: (Score:2)
Not everywhere. In the common law countries legal precedents decide. In the civil law countries legal precedents don't have the same importance, they are mainly used to copy&paste arguments from but they don't affect decisionmaking.
EU regulators do their jobs, in other words (Score:2)
By contrast, America allowed M$ to claim with absolute impunity that unbundling IE/Edge/whateverthefuck from Windows was impossible and would unleash TEOTWAWKI. A few billion in EU fines later and all of a sudden, M$ started allowing users to opt out of its shitty browser. Result? Other browsers were able to compete at long last and M$'s browser market share fell from practically 100% to below 20% practically overnight.