Facebook – Whatsapp: The EDPB requires the Irish SA  to carry out statutory investigation on Facebook

Facebook – Whatsapp: The EDPB requires the Irish SA  to carry out statutory investigation on Facebook

On July 15, 2021, the European Data Protection Baord (EDPB) adopted its first urgent binding decision in application of Art. 66(2) GDPR following a request from the Hamburg supervisory authority. 

In this case, the Hambourg Authority ordered a ban on processing WhatsApp users’ data by Facebook Ireland for their own purposes following a change in the Terms of Service and Privacy Policy applicable to European users of WhatsApp Ireland Ltd.

However, under article 66 GDPR, as the Irish supervisory authority is the the lead supervisory authority in this matter, the Hamburg Authority needed the validation of the EDPB for these  provisional measures to become final.

The EDPB rejected the Hamburg Auhtority’s request but requires further investigations to be carried out on Facebook and Whatsapp Ireland.

Germany-Antitrust Law: Facebook’s Wrongful GDPR Practice Hinders Competition

Germany-Antitrust Law: Facebook’s Wrongful GDPR Practice Hinders Competition

By a decision of 23 June 2020, the German Federal Supreme Court provisionally confirms the allegation of abuse of a dominant position by Facebook because its users were not given the choice over the level of personalisation of their Facebook experience, which entails the collection of data from sources outside the Facebook network (e.g. Instragram, internet browsing etc.).

The Court considered that Facebook practice may hinder the competition in the social network and online advertising market due to its dominant position and provisionally upheld the decision of the German Federal Cartel Office (“Bundeskartellamt”) prohibiting Facebook from processing personal data collected outside the Facebook environment without the users’ additional consent.

This decision is interesting as it shows that in certain cases a breach of GDPR provisions may also have consequences on competition law matters.

CJEU: The Judgement on the Validity of the Standard Contractual Clauses Expected on July 16, 2020

CJEU: The Judgement on the Validity of the Standard Contractual Clauses Expected on July 16, 2020

The Court of Justice of the European Union (“CJEU”) announced that it will deliver its judgement in the Schrems II case (case C-311/18) on July 16, 2020.

This judgement will determine whether the Standard Contractual Clauses (“SCCs”) are a valid personal data transfer mechanism under the General Data Protection Regulation (“GDPR”).

This mechanism being widely used by companies to transfer personal data outside of the EU, the decision is eagerly awaited.