Data Protection Watch: Digital Platforms
Legal Alerts

Data Protection Watch: Digital Platforms

Data protection is something that the European Union (EU) takes seriously, especially where its citizens are concerned. Under article 8 of the Charter of Fundamental Rights of the European Union, every EU citizen has the right to have their personal data:

  • Protected;
  • Processed fairly for a specified purpose;
  • On the basis of their consent or a legitimate interest;
  • Have access to it; and
  • Have it corrected.

There have been recent developments in the EU over the infringement of the General Data Privacy Regulation (GDPR) by tech giants, which we must follow keenly to see if these companies will make changes in their apps, and whether the compliance changes in their apps will extend to countries where EU citizens reside like Kenya. These developments include:

  1. Google

Germany’s competition regulator Bundeskartellamt, announced its intentions to compel Google to give its users more control over information usage and tracking across its subsidiary businesses (YouTube, Maps, Google Search) because:

The German’s Competition Act was amended to allow for early intervention by the cartel office where companies, especially tech giants, are seen to have a preeminent significance across markets. As a result, the regulator discovered that Alphabet (Google’s owner) needed to be regulated since it met the regulation threshold set under section 19a of the German’s Competition Act for large digital companies.


  • The giant gets massive revenues from digital advertisements in its Google Ads platform, because of the competitive edge it has based the data collected from the different services it offers. The regulator’s requirement may be a major setback on how Google generates revenue since its business model is heavily reliant on processing users’ personal data.
  • The administrative proceedings against Google are still ongoing and could result in: Google making certain commitments on how data will be processed, the regulator prohibiting Google’s practices or, dismissing the case altogether.
  • Meta

In a complaint filed by noyb on 25th May 2018, the European Data Protection Board (EDPB) recently declared Meta’s business model illegal. This means that Facebook and Instagram can no longer collect personal data to run behavioral ads without user consent. Meta had by-passed the requirement to get opt-in consent from users for tracking and online advertisement, by adding a provision to its terms and conditions.

The GDPR prohibits the forcing of users into agreeing to have their personal data collected in exchange for a service. However, Meta has been of the view that the GDPR’s contractual necessity exception allows it to collect personal data to meet its terms of service because collecting personal data for behavioral advertising was necessity. This argument was rejected by EDPB.


The German regulator’s decision doesn’t have a wider impact as the EDPB’s decision. However, the move by both bodies will impact the companies duopoly over the digital platform which they had dominated for years. Whether Google and Meta will effect app changes across the globe or localize them is something a majority are keen on.

Leave feedback about this

  • Informative
  • Educational
  • Inspiring
  • Professional


Add Field


Add Field
Choose Image