BERLIN (Reuters) – A group led by data protection activist Max Schrems filed a complaint Monday with German and Spanish data protection authorities over AAPL.O online tracking tool, claiming it violates European law by allowing the iPhone to store users’ data without their consent.
This is the first such major action against the US Technology Group regarding the European Union̵
Noyb, the digital rights group led by Schrems, has successfully battled two landmark privacy tests against Facebook FB.O.
Apple said it was unable to comment immediately.
Earlier, the California-based technology giant said it provided consumers with an excellent level of privacy protection. He announced that he would further tighten his rules with the launch of his iOS 14 operating system this fall, but said in September that he would postpone the plan until early next year.
Noyb’s complaints were filed against Apple’s use of tracking code, which is automatically generated on each iPhone during setup, the so-called Advertiser ID (IDFA).
The code stored on the device allows Apple and third parties to track the user’s online behavior and preferences – vital for people like Facebook to be able to send targeted ads that will interest the user.
“Apple puts codes in its phones that are comparable to cookies without the user’s consent. This is a clear violation of the European Union’s privacy laws, “said Noyb’s lawyer Stefano Rossetti.
Rosetti referred to the EU’s ePrivacy Directive, which requires the user’s prior consent to install and use such information.
Apple’s new rules will not change that, as they will restrict third-party access, but not Apple’s.
Apple reports every fourth smartphone sold in Europe, according to Counterpoint Research.
The lawsuits were filed on behalf of a separate German and Spanish consumer and were handed over to the Spanish data protection authority and its partner in Berlin, Neub said.
In Germany, unlike in Spain, each federal state has its own data protection authority.
None of the authorities responded immediately to requests for comment.
Neub said the lawsuits were based on the 2002 ePrivacy Directive, which allows national authorities to impose fines autonomously as a way to avoid lengthy proceedings against Facebook, based on the General Regulation on the Protection of Facebook. data (GDPR).
The GDPR regime, launched in 2018, includes a mandatory mechanism for cooperation between national authorities, which, according to Noib, slows down progress.
Rosetti said the action aims to establish a clear principle that “follow-up should be the exception, not the rule”.
Apple faced an antitrust lawsuit in France last month in which ad groups objected to planned privacy changes, saying they were giving Apple an unfair advantage.
While Schrems won legitimate victories in Europe against Facebook’s privacy practices, the US social network managed to adapt its targeted online advertising model.
Report by Kirsti Knolle, further by Douglas Busvine. Edited by Jane Merriman, Louise Havens and Edmund Blair