social media

Subscribe to social media

In a recent decision of December 19, 2021, case no. 1 BvR 1073/20 (published with an official press release dated February 2, 2022), the German Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) set aside several judgments of the Berlin civil courts. The Berlin civil courts had denied the plaintiff, who alleges she was exposed to hate speech on a social network, the right to demand from the operator of the social network access to customer data, i.e., the full names of the users who had posted the content that the plaintiff considered to be hate speech. In the view of the BVerfG, the Berlin courts had failed to properly balance the parties’ interests and thereby had violated the plaintiff’s fundamental rights.
Continue Reading Germany’s Federal Constitutional Court provides guidance for assessing claims against hate speech on social media

In September 2020, the European Data Protection Board (EDPB) released new guidelines on the targeting of social media users (Guidelines) for consultation.

Background

The Guidelines address the privacy risks and legal issues that arise when social media services are used to direct specific messages to users based on particular criteria, such as the users’ perceived interests, preferences and socio-demographic characteristics.

 A typical example of this is when a brand (or ‘advertiser’) advertises their products or services on individuals’ social media platforms. Through programmatic advertising (the automated buying and selling of online advertising) and the process of ‘real-time bidding’ (the automated bidding of display advertising inventory in real-time) in particular, advertisers can place personalised adverts on individuals’ social media platforms (e.g. through content feeds or ‘stories’). This process usually involves processing personal data in bid requests, which can include individuals’ web browsing history, age, gender, location and network connections. Advertisers submit bids to have their adverts placed on individuals’ social media pages based on the perceived likelihood that the individual will be interested. Generally, the more detailed the bid request, the higher the bids are likely to be, so there is more incentive for the parties involved to collect as much personal data as possible through the use of tracking technologies or otherwise. Further, parties within the ad tech ecosystem (such as data brokers) may augment the data collected from the bid request with information from other sources (including offline sources), which they might sell to other stakeholders involved in the targeting process.

The Guidelines split the types of actors involved in the targeting process into four different groups, namely: (1) social media providers; (2) social media users; (3)  targeters (e.g. advertisers); and (4) ‘other actors’ which may be involved (e.g. supply side platforms (SSPs), demand side platforms (DSPs), data management platforms (DMPs), data brokers, ad networks and ad exchanges).

The Guidelines identify the potential risks of targeting for social media users, such as loss of control over personal data, potential discrimination and potential manipulation of individuals (as targeting mechanisms seek to influence individuals’ behaviour and choices).

The Guidelines also seek to clarify the roles, responsibilities and relationships between social media providers and targeters and explain the key data protection requirements and documentation that should be in place.Continue Reading EDPB releases draft guidelines on the targeting of social media users

The COVID-19 pandemic has hit the brand ambassador and influencer industry in different ways. Social media engagement is up. Screen times have increased. Advertising campaigns of brand ambassadors for organizations and influencers might have been adjusted. Self-quarantining audiences have different demands. With the strong trust from their followers, influencers on social media channels such as

A Dutch court has held that a grandmother was in breach of the General Data Protection Regulation (GDPR) for posting pictures of her grandchildren on social media platforms without their parents’ consent and refusing to delete them after multiple requests.

The GDPR does not apply to the processing of personal data by an individual “in the course of a purely personal or household activity”.

However, the court said that it was not sufficiently established what security settings the grandmother had on her social media accounts, and it was not clear whether the photos could have been found via search engines. As a result, the court was not convinced that posting the photos on social media sites constitutes a “purely personal or household activity”, as this places them in the public domain, and they could then be further distributed and used by third parties.
Continue Reading Dutch court holds that a grandmother is in breach of the GDPR for failing to remove photos of her grandchildren from social media platforms

On February 13, 2020, the German Federal Ministry of Justice and Consumer Protection (BMJV) published a proposal to soften the regulatory requirements for influencers for labeling their posts as advertising (Proposal). Under the Proposal, statements posted on social media about products for which no consideration was given – either in the form of monetary compensation

Social media users may soon be able to easily transfer their personal information to competing platforms. On October 22, 2019, a bipartisan group of U.S. senators (Mark R. Warner (D-VA), Josh Hawley (R-MO), and Richard Blumenthal (D-CT)) introduced the Augmenting Compatibility and Competition by Enabling Service Switching Act (ACCESS Act), a bill aimed at encouraging market-based competition among today’s major social media platforms by requiring the largest of these tech companies to allow users to move their data from one service to another.

The bill, should it become law, would be regulated and enforced by the Federal Trade Commission (FTC), and would require large communications platforms (products or services with over 100 million monthly active users in the U.S.) to:

  • Make users’ personal data portable, by allowing users to retrieve and/or transfer their personal data in a structure and machine-readable format.
  • Maintain interoperability with other platforms, including competing companies.
  • Give users the ability to designate a trusted third-party service to manage their privacy, content, online interactions, and account settings.

Continue Reading Bipartisan social media data portability bill introduced in U.S. Senate

Addressing an issue of first impression, the Pennsylvania Superior Court ruled last week that a venue analysis dating to 1967 focusing on the location of dissemination of allegedly defamatory newspapers applied to online defamation suits as well.  As a result, the proper venue for Pennsylvania defamation suits based on website content is any county where a third party who knows the plaintiff personally reads the content and understands it to be harmful to the plaintiff’s reputation. The ruling enlarges the potential venue options for defamation plaintiffs and could lead to website publishers and social media posters being sued in any county in Pennsylvania.
Continue Reading Pennsylvania Superior Court holds county where reputational harm occurs is proper venue for Internet defamation suits, confirming 50-year-old inquiry applies to website-based claims

They are the stars of the young generation, brand ambassadors for organizations and leaders on social media: influencers. With their strong presence on social media channels such as Facebook, Instagram or Twitter, influencers have a power that pays off. Thousands of users follow the day-to-day posts of their role models. Influencers are becoming increasingly important

On November 28, 2018, Singapore’s Personal Data Protection Commission (commission) issued its grounds of decision against Big Bubble Centre (respondent), a sole-proprietorship in the scuba-diving business.

The facts of the case were as follows:

  • The complainant was an individual who had worked for the respondent and claimed that he was not paid wages for such work. He resigned and decided to take some diving equipment, which he claims to have paid for.
  • The respondent refuted the complainant’s claim, and instead asserted that the complainant had owed it money for participating in and logging dives organized by the respondent for the purposes of obtaining his PADI Dive Master Certification. Further, it alleged that the complainant had stolen its diving equipment as well as the respondent’s documents.
  • The complainant in turn claimed that the respondent had sent text messages to some of its customers informing them about the respondent’s allegations against the complainant.
  • The complainant himself wrote a Facebook post detailing his angst with the respondent and its owner. In that same post, he also warned other divers from joining the respondent.
  • The respondent posted two Facebook posts of its own, detailing the money that was allegedly owed to it by the complainant, and disclosed the following personal data in these posts:
    1. the complainant’s name, national registration identity card number, date of birth, passport number and expiry date, mobile phone number, email address, residential address; and
    2. the complainant’s female friend’s name and residential address, as well as the make of her car.

Continue Reading Singapore data protection commission issues warning for “heat of the moment” disclosure of personal data

Recently, the German media regulators, the State Media Authorities (Landesmedienanstalten), issued a joint guidance paper on marking adverts on social media (Leitfaden der Medienanstalten, Werbekennzeichnung bei Social Media-Angeboten; “Guidance Paper”). The Guidance Paper replaces the State Media Authorities’ earlier FAQs. It is intended to help organisations and individuals to