In February of this year the German antitrust agency, the Federal Cartel Office (“FCO”), issued a decision against Facebook regarding their handling of user data. Please see our previous blog-post detailing the FCO’s arguments here

Facebook appealed and on August 26, 2019, the Düsseldorf Court of Appeal (“DCA”) in an interim decision granted suspensive effect to Facebook’s appeal against the FCO decision.

The DCA can order suspensive effect to an appeal if it has serious doubts whether the prohibition decision is legally valid.  Despite the preliminary character of the DCA’s decision, this could represents a significant setback for the FCO and have signaling effect beyond the German borders,. The DCA made certain important points on issues of law, which it will likely not revers during its main proceedings.
Continue Reading German Court Divorces GDPR and Competition Law in Facebook Appeal

On February 6, 2019, the German antitrust agency, the Federal Cartel Office (“FCO”), imposed limitations on Facebook’s current practice of collecting and processing user data and prohibited using the related terms of service.  After an almost three-year long investigation, the FCO found that some of Facebook’s business practices amounted to an abuse of a dominant position.  For the first time, the FCO based its abuse-of-dominance analysis also on whether the dominant company complied with the GDPR – throwing compliance with the GDPR into their competition law assessment.[1]
Continue Reading Germany Limits Facebook’s Data Collection and Processing, Refers to GDPR

Knuddels GmbH & Co KG, a German social media app, has received the first administrative fine issued by a German supervisory authority under the General Data Protection Regulation (“GDPR”).

The fine of € 20,000 has been levied on Knuddels by the Commissioner for Data Protection and Freedom of Information in Baden-Württemberg (one of 16 regional data protection authorities in Germany) following a hack reported by Knuddels in September which resulted in the personal data of approximately 330,000 users being stolen and subsequently published. Such personal data included users’ emails addresses and passwords.
Continue Reading First German Fine Issued Under the GDPR