Privacy & Information Security Law Blog

On January 24, 2014, the Chamber Court of Berlin rejected Facebook’s appeal of an earlier judgment by the Regional Court of Berlin in cases brought by a German consumer rights organization. In particular, the court: 

• enjoined Facebook from, broadly, operating its “Find a Friend” functionality in a way that violates the German Unfair Competition Act;
• enjoined Facebook from using certain provisions in (1) its terms and conditions, and (2) privacy notices concerning advertisements, licensing, personal data relating to third parties and personal data collected through other websites; and
• mandated that Facebook provide users with more information about how their address data will be used by the “Find a Friend” functionality.

Similar to its earlier case against Apple, the German consumer rights organization successfully argued that German, not Irish, data protection law applied. Although other German courts have not always accepted this line of reasoning, the court followed it here and, notably, also held that a breach of data protection law also may constitute a breach of the Unfair Competition Act. This approach represents a new development in the data protection context. One of the conditions for consumer rights organizations to be able to commence legal proceedings is that there is a violation of the Unfair Competition Act. Recognizing data protection law violations as violations of the Unfair Competition Act therefore arguably makes it easier for consumer rights organizations to bring privacy-oriented cases. It also can be seen as part of a wider trend to improve the ability of German consumer rights organizations to sue for breaches of data protection law.

The Chamber Court’s ruling is not yet binding and is subject to appeal.