• Home »
  • Big stories »
  • Lawyer activist slaps global platforms with $8 billion GDPR lawsuits

29 May 2018 at 09:11 BST

Lawyer activist slaps global platforms with $8 billion GDPR lawsuits

By the time dusk fell on GDPR day last Friday, an Austrian activist lawyer had already slapped global platforms with multibillion-euro complaints.

Shutterstock

An Austrian privacy lawyer has filed multibillion-euro complaints against Google, Instagram, WhatsApp and Facebook for allegedly seeking "forced consent" in their terms of service, in some of the first cases to test the reach of the EU's new data regime.

Four complaints, four jurisdictions
The four complaints come to a combined total of 7.6 billion euro ($8.8 billion), filed in courts around Europe. Max Schrems, who runs a nonprofit called None Of Your Business and has been pursuing internet user privacy litigation for some years, has sued the four global platforms for allegedly bombarding users with pop-up windows. The complaints were issued within hours of the GDPR coming into effect. The lawsuits seek maximum penalties of € 3.7bn against Google (Android) in the French courts, €1.3bn against Instagram in Belgium, €1.3bn against WhatsApp in Germany, and €1.3bn against Facebook in Austria, bringing the total to €7.6 billion.

Crucial test of new laws
The activist group organisation issued a statement that the GDPR was supposed to give users a free choice, whether they agree to data usage or not. The group stated the opposite feeling spread on the screens of many users as tons of "consent boxes" popped up online or in applications, often combined with a threat that the service cannot longer be used if users do not consent. The group also states these first complaints will be a crucial test of the law, ‘with a penalty of four per cent of global revenue, Google or Facebook would have to pay more than a billion euros for violating the law. Currently we do not expect that DPAs will use the full penalty powers, but we would expect a reasonable penalty, given the obvious violation.’ Though GDPR applies irrespective of location with the EU, the Irish Data Protection Commissioner is likely to be get involved because ‘the headquarters of the relevant companies is in Ireland in three cases.’

 
   
 
 
 

Also read...

BCLP launches division to support In-house counsel

New combined legal operations consultancy division brings together teams on both sides of the Atlantic to support In-house legal teams.