Apple faces two strategic privacy complaints in Europe from Max Schrems, a digital activist who has successfully taken advantage of Facebook’s user data practices.
Vienna-based non-profit organization Noyb (as in “none of your business”) has filed privacy complaints with German and Spanish regulators, claiming that Apple AAPL,
tracks consumers without their consent in breach of European Union law.
Complaints focus on Apple’s Advertiser ID (IDFA), a unique tracking code generated by each iPhone that allows Apple, app developers and advertisers to track and target ads.
Noyb claims that the default inclusion of the iPhone IDFA is in violation of the EU’s Cookie Act 2011, which requires informed and unambiguous consent from users to store their data.
Plus: Google, Facebook and Apple are at a crossroads as lawmakers agree on EU intervention in Big Tech
IDFA “allows Apple and all phone applications to track users and combine information on online and mobile behavior,” Noib said in a statement. “Apple issues these tracking codes without the knowledge or consent of users.”
Both complaints were filed through the EU’s ePrivacy Directive, not the General Data Protection Regulation (GDPR), which means that German and Spanish regulators can fine Facebook without cooperating with the bloc’s authorities.
“EU law protects our devices from external tracking. Tracking is only allowed if users explicitly agree to it. This very simple rule applies regardless of the tracking technology used, “said Stefano Rossetti, Noyb’s privacy lawyer.
Schrems is a high-ranking activist who successfully takes advantage of Facebook FB,
He said that given the revelations about state surveillance published publicly by whistleblower Edward Snowden, the United States did not provide sufficient protection for consumer data.
In 2015, his complaint to the Irish authorities – Facebook’s base in Europe – invalidated the Safe Harbor Agreement, which governed transatlantic data storage. Earlier this year, the EU’s highest court ruled that Safe Harbor’s successor, the US-EU Privacy Shield, did not adequately protect consumer data.
Also: Google targets these technology companies, urging regulators to take action against “blatant abuse of dominance”
Apple has previously said it will tighten its own rules on third-party data usage by requiring apps to ask users for permission to join IDFA tracking in the latest iOS 14 software update. of the idea in September, postponing the changes until early next year to give developers more time to make adjustments.
Noyb’s position is that the changes proposed by Apple are not enough to meet EU confidentiality requirements. “These changes appear to limit the use of IDFA to third parties (but not to Apple itself),” the group said. “However, the initial storage of IDFA and its use by Apple will still take place without the consent of consumers and therefore in breach of EU law.”
“IDFA must not only be limited, but also permanently deleted. “Smartphones are the most intimate device for most people and by default they should be without a tracker,” said Rossetti.
MarketWatch contacted Apple for comment.