Share This Article
The Italian privacy authority took a strict approach against fake accounts claiming its jurisdiction on Facebook given its Italian presence.ย
The decisionย against Facebook is likely to lead to considerable discussions, also because it is in line with some principles that will be introduced by the EU General Data Protection Regulation.
Facebook is subject to Italian privacy law
After the โฌ 1 million fine issued by the Italian privacy authority against Google, the same approach has been adopted towards Facebook Ireland Ltd. which through its Italian entity, Facebook Srl, provides Internet and marketing services.
Also in this case the Italian privacy authority claimed its jurisdiction over Facebook Ireland Ltd. since the operations of the Italian Facebook entity are strictly connected with those of the company running the social media as through the sale of online marketing spaces, it makes Facebook’s business profitable.
Through different criteria such principle expands the scope of Italian privacy law also to companies that are not established in Italy, but offer their products and services in Italy. And this is exactly what is going to happen with the EU General Data Protection Regulation.
Because of the above principle, Facebook has been obliged to comply with the request of access and the obligation to provide details as to the processing of personal data relating to its users as if it was an Italian entity.
Individuals’ right prevail over fakes’ rights
The decision of the Italian privacy authority held in a case where a user had created a fake account of the claimant, publishing fake comments and images that pretended to relate to the claimant on the social network, that Facebook is obliged to remove any content published by the fake account. Such content shall be kept on Facebook’s servers only at the disposal of police authorities.
The above means that even if the images and comments had not been published by the claimant, they are in any case
considered to be his “personal data” as they related to him
As a consequence individuals’ rights are extended also “fake” contents published by third parties pretending that they were real comments, images and contents of the claimant. This view provides a broader protection to individuals which might be relevant especially in the digital age where it is exponentially easy creating false profiles, pictures and contents.
It is true that the EU Privacy Regulation will come into force in 2 years, but its principles are already followed by data protection authorities and therefore it is already time to get ready.
Follow me on LinkedIn โย Facebook Page โย Twitter โย Telegram โ YouTubeย โ Google+
