There has been much controversy and confusion around internet privacy since the GDPR (General Data Protection Regulation) went into effect in the European Union back in the Spring of 2018. The law was actually so confusing, that I wrote an entire blog post explaining who the GDPR would affect, how it would affect them, and how to make your website comply with the new standards (see: Preparing for the GDPR: Basic Information and Implications). For those who don’t know, in summary, the GDPR protects the privacy of European citizens by prohibiting entities or companies from collecting and storing personal user data without explicit permission from the individual themself. To this day, the majority of websites around the world are not GDPR compliant, but the opportunity for large companies to face enormous legal fines was motivation enough for the largest players to modify the ways their websites processed and stored personal data. The regulations have been difficult to enforce, but the EU has kept up with their promise as best as possible. There have been 160,921 reported personal data breaches since 2018 (although the total number of unreported breaches is likely in the millions).
The general problems surrounding data breach incidents have been pretty stable so far, so it’s really interesting about this particular case of a Dutch woman exercising her given rights. Instead of suing a large organization, she is actually suing a relative. The crime this relative has committed? Sharing photos of their grandchildren. Sharing photos of a family member on social media is something so second nature to all of us, but apparently we have been taking it for granted. The Dutch woman did not want her estranged mother sharing pictures of her children on social media (for whatever reason) and was so adamant about this that when her mother refused to take the photos down, the woman actually took her to court over it. She claimed that sharing photos without her or her children’s permission went against the new GDPR legislation.
The more interesting thing about this case is that the Dutch woman actually won! A judge ruled that her actions did violate EU’s GDPR legislation, thereby the mother would have to take them off of her social media accounts or face daily fines, just like any corporation would be expected to do. This is a very unique occurrence in the world of GDPR complaints. I’m not an expert about EU laws, but if it’s anything like in the U.S., this ruling should create a new precedent for future GDPR cases. I hope that this story gets around to other social media members before they are caught off guard. I’m sure there are thousands of vindictive EU citizens who do not want their personal pictures circulating by estranged friends and/or relatives – what an opportunity!