Bundeskartellamt rules Facebook needs users’ consent to combine personal data from different services
Germany’s federal cartel office has ruled that personal data collected by Facebook-owned services, such as WhatsApp and Instagram, can only be assigned to Facebook user accounts with the user’s voluntary consent. The Bundeskartellamt also ruled that Facebook needs users’ consent to collect data from third party websites and assign them to a Facebook user account. If users do not consent, Facebook may not exclude them from its services, the regulator added.
“The combination of data sources substantially contributed to the fact that Facebook was able to build a unique database for each individual user and thus to gain market power,” said Andreas Mundt, President of the Bundeskartellamt. “As a dominant company, Facebook is subject to special obligations under competition law. In the operation of its business model the company must take into account that Facebook users practically cannot switch to other social networks. In view of Facebook’s superior market power, an obligatory tick on the box to agree to the company’s terms of use is not an adequate basis for such intensive data processing.”
The regulator argues that Facebook’s terms of service and the manner and extent to which it collects and uses data are in violation of European data protection rules. Facebook said it intends to appeal the decision. The Bundeskartellamt underestimates the “fierce competition” that Facebook faces in Germany, misinterprets its compliance with the EU’s General Data Protection Regulation (GDPR) and “undermines the mechanisms European law provides for ensuring consistent data protection standards across the EU”, Facebook said in a statement.
In January, French regulator CNIL announced it will fine Google €50 million for alleged breach of the GDPR. The fine was issued because Google failed to provide enough information to users about its data consent policies and didn’t give them enough control over how their information is used, according to a report by The Verge. Google has said it will appeal the fine while a Google spokesperson told The Verge that the company is “deeply committed” to meeting the “high standards of transparency and control” that people expect of it.
The Bundeskartellamt statement can be found here.
The related Facebook statement can be found here.