While Schrems was a visiting student at Santa Clara University in Silicon Valley, he was shocked by a Facebook lawyer’s grasp of the severity of data protection laws in Europe. As a result, he wrote a thesis about Facebook’s misunderstanding of privacy law in the EU, unearthing all kinds of violations — data protection is much more strict across the pond in Europe. Speaking to Forbes, Schrems said:
“Having a headquarters in Europe makes Facebook vulnerable… That means all of its European users have contracts with that Dublin office and makes the company subject to Ireland’s strict privacy law.”
Since finishing his thesis, he’s formed an activist group called Europe v. Facebook, publicized his findings online, bombarded Facebook with complaints and prompted Congress to question the social media site.
In fact, he’s been so much of a pain in the arse that Facebook agreed to meet with him. On Monday, Facebook’s European director of policy, Richard Allan, and another unidentified California-based Facebook exec flew to Vienna to meet Schrems. But this wasn’t a short, brush-off of a meeting: this was a gruelling six-hour legal slog.
“We are even more confident that Facebook is in many ways re-interpreting that law in ways that are not stringent or compliant with the case law by the European Court of Justice.”
Schrems is insistent that Facebook’s policy of ‘assumed consent’ shouldn’t be allowed, and that it should run the site on an opt-out, rather than opt-in, basis. The fact that Facebook was willing to give up six hours to Schrems’ concerns, and has agreed to research issues raised in the meeting and forward on their data, suggests that they’re taking him seriously. How far can one man go? [Forbes and ZDNet; Image: Getty]