The EU Supreme Court adviser has issued a recommendation that allows data protection authorities in any EU country to take legal action against Facebook or any other technology company, even if its regional headquarters is in another EU country.

This recommendation was issued after Facebook tried to reject the Belgian privacy regulator in a data case, saying that its European Union headquarters is in Dublin, so Ireland is the lead agency of the US social media giant in the European Union.

EU Court of Justice consultant Michal Bobek (Michal Bobek) advocated that the data protection agency in any EU country, even if it is not the lead agency, should be able to take legal action under various circumstances.

If the recommendation is followed, it may prompt national institutions in the 27 EU member states to take action against other US technology companies, such as Google, Twitter and Apple, which also have their EU headquarters in Ireland.

Facebook did not provide immediate comment.

EU judges usually follow the general opinion of their advocates, but this is not required. They usually make a ruling within two to four months.

The Belgian regulator is trying to prevent Facebook from collecting data on the browsing behavior of Belgian users in order to show them targeted ads without their valid consent. The regulator said this happens even if the user does not have a Facebook account.

Facebook questioned this on the grounds that Ireland’s privacy regulator is Facebook’s main lead agency.

Bobeck said that the lead agency has general authority in cross-border data processing, and in cross-border cases, based on the “one-stop” mechanism contained in EU rules, the power of other competent authorities to initiate legal proceedings is restricted.

See also  Facebook adds cloud gaming capabilities for Android users

But he said that the lead agency needs to work closely with other data protection agencies, and he said the case can still be brought to court.

The EU privacy rules (known as the General Data Protection Regulation (GDPR)) leave room for privacy regulators in other countries to determine infringements in specific countries. France and Germany have done it.

© Thomson Reuters 2020

What is the most exciting technology conference in 2021? We discussed on the weekly technical podcast Orbital, you can subscribe via Apple Podcast, Google Podcast or RSS, download the episode, or click the play button below.