Out-Law News | 10 Dec 2021 | 9:40 am | 1 min. read
Consumer groups are free to launch claims against data controllers under the General Data Protection Regulation (GDPR) in national courts, according to the opinion of an advocate general of the Court of Justice of the EU (CJEU).
It comes after the Federation of German Consumer Organisations entered legal proceedings against Facebook, alleging that the social media platform failed to explain to European users how and why their personal data was being processed in its App Centre.
The case was referred to the CJEU after a German court questioned whether it could try the case, since EU data protection authorities enforce GDPR rules.
But advocate general Jean Richard de la Tour said a consumer protection association could sue a data controller that was accused of violating EU safeguards in a national court if the domestic laws allowed for it.
“It would be paradoxical to say the least, if the strengthening of the means of supervising the rules on the protection of personal data which the EU legislature wished to introduce when it adopted… [the GDPR] …should ultimately lead to a reduction of the level of protection of personal data,” he said.
De la Tour’s opinion, which is not legally binding, referred to the precedent set by the Fashion ID case, when an EU Court gave a similar decision in reference to the Data Protection Directive – the legal precursor to GDPR.
A spokesperson for Meta, which owns Facebook, said: “We’ll analyse the advocate general’s opinion. Legal clarity on the scope and process of GDPR is important, and we’re glad the Court of Justice of the European Union is considering the questions raised in this case.”
02 Dec 2021