From top: Data Protection Commission office; Meta’s Dublin HQ (formerly Facebook)
The Irish Data Protection Commission (DPC) has denied claims that it lobbied members of the European Data Protection Board (EDPB) to help allow Facebook to bypass General Data Protection Regulation (GDPR).
Via RTÉ News:
The commission has also denied it acted in bad faith by holding talks with Facebook in a manner that it has been claimed by privacy campaigners sought to subvert the procedures of the EDPB.
The developments follow allegations made against the DPC in recent days by NOYB, the organisation run by Austrian privacy campaigner Max Schrems.
He claimed that documents, released under the Freedom of Information Act, showed the DPC tried to lobby other European data protection authorities for the adoption of a General Data Protection Regulation (GDPR) “bypass” approach to user data collection.
According to Mr Schrems, the “freedom of contract” approach would have allowed data controllers to put a clause into their terms and conditions, to make the harvesting of data necessary for a contract, in effect bypassing the consent requirement under GDPR.
The DPC acknowledged that the position it ultimately put forward on the issue of contract at the working group was not acceptable to many in the group and it became clear a consensus could not be built.