The US Second Circuit Court of Appeal ruled Facebook does not edit for the content that the terrorist group Hamas publishes on the platform. The ruling stressed that the company only required users to provide basic information and, therefore, acts as a neutral intermediary. The lawsuit required to hold Facebook liable for allowing violent extremists to use the platform to recruit followers. The families of the terrorist victims attempted to argue that Facebook could be held liable under the US Anti-Terrorism Act.
In a new ruling, the European Court of Justice ruled that websites using Facebook’ Like buttons need to warn their users about the collection and processing of their personal information. According to DW, websites using the button must obtain prior consent from users for the "collection and transmission of the data," meaning that they will now be held jointly responsible for letting users know that Facebook has access to their data. The Court found that it appears that a website cannot be considered to be a controller in respect of the operations involving data processing carried out by Facebook Ireland after those data have been transmitted to the latter. According to TechCrunch, this ruling is significant because Facebook’s Like buttons transfer personal data automatically, which means that if websites are relying on visitors’ ‘consenting’ to their data being shared with Facebook they will likely need to change how the plug-in functions to ensure no data is sent to Facebook prior to visitors being asked if they want their browsing to be tracked by the adtech giant.
The European Commission has decided to refer Greece and Spain to the European Court of Justice for failing to transpose the Data Protection Law Enforcement Directive, Directive (EU) 2016/680), part of the GDPR reform. The European Commission’s decision to start an infringement procedure was justified by the fact that by failing to transpose the directive, these countries created different level of protection of peoples' rights and freedoms and hampers data exchanges between Greece and Spain on one side and other Member States who transposed the Directive on the other side. According to MediaNama, the European Commission had started infringement proceedings against seven member states (Spain, Greece, Bulgaria, Cyprus, Latvia, the Netherlands, and Slovenia) in July 2018 by sending a formal notice to respective national authorities.
The Delhi High Court has ruled that e-commerce platforms like Amazon, Flipkart, Healthkart and Snapdeal are not allowed to advertise, display and offer for sale the products of companies that are direct selling entities without their consent. The lawsuit was filed by Amway, Modicare and Oriflame, direct selling companies of healthcare and beauty products. They claimed that the platforms sell their product at cheaper rates, resulting in financial losses. The e-commerce platforms argued that they were merely intermediaries under Section 79 of the IT Act 2000, therefore, not liable for the products that different sellers offer on their marketplaces.
In the aftermath of the data breach Equifax has suffered in 2017, which exposed the data of 143 million customers, the company has agreed to a settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau, and 50 US states and territories. The settlement includes up to $425 million to help customers affected by the data breach, who can file a claim for free credit monitoring and identity theft protection services, cash payments (capped at $20,000 per person), free help recovering from identity theft, and free credit reports.
FTC and Facebook reached a settlement in case of Facebook mishandling user’s personal information. The FTC approved a fine of $5 billion, largest to date by US federal government against a technology company and increased oversight on how Facebook handles the user’s data. Some criticize the settlement as insufficient in forcing Facebook to change how it handles user’s data. The settlement is subject to approval by the US Department of Justice, which is expected in due course and would close the case of Cambridge Analytica in the US.
New Zealand’s Domain Name Commission wins appeal against DomainTools for breaching privacy of owners of .nz domains
The New Zealand’s Domain Name Commission has won the case against DomainTools when the US Court of Appeals dismissed the appeal of DomainTools and confirmed previous court decision from September 2018. The case dealt with the practice of DomainTools, a US digital intelligence gathering company, to disclose the data of about 60 thousand .nz name holders who opted for keeping their information private.
France’s Parliament passed a law on Digital Services Tax imposing a 3.0 percent tax on revenues generated from services to French consumers by the largest tech firms. Even before the law was passed, it drew attention by the US. US Trade Representative started an investigation into the effects of the French regulation on US tech companies claiming that these are unfairly targeted.
The Court of Justice of the European Union (CJEU) repealed the German telecom regulator’s decision to require Google’s e-mail service Gmail to register as a telecom service and comply with telecom service obligations. Google alleged that it does not provide communication services because its e-mail service relies on Internet service providers (ISPs) to transmit and receive messages. The CJEU was referred by a German court to decide whether web-based email services fits under the EU law definition of electronic communications service. The court ruled that Google’s involvement in transmitting e-mail messages is not sufficient to be considered an electronic communication service. Gmail does not provide Internet access, which is the key aspect of the definition of an electronic communication service. The court stressed that differently from Skype, that had an agreement with telecom companies to deliver calls to telephones, Google only uploads and receives data from ISPs.
As a follow up to the Easter suicide attacks, Sri Lanka is now amending its Penal Code to include spreading fake news and hate speech on social media. The sentence will carry five years of imprisonment and a fine of 1 million rupees (USD 5,715). This is in addition to the last month’s regulations on combating fake news and giving the authorities the right to remove hateful content.