Complaint Says Apple’s IDFA Violates European Privacy Law

Ruben Fields
November 16, 2020

The code, stored on the device, allows Apple and third parties to track a user's online behaviour and consumption preferences - vital for the likes of Facebook to be able to send targeted ads that will interest the user.

The campaigner, whose earlier legal battles are forcing Facebook to change the way it transfers data, has filed two complaints to Spanish and German authorities under Noyb, his Vienna-based digital rights group.

The Californian tech giant has said it provides users with a superior level of privacy protection.

Apple was not immediately available for comment when contacted by Business Insider. At the same time, the initial storage of the IDFA and Apple's use of it will continue without prior user consent.

Rossetti referred to the EU's e-Privacy Directive, which requires a user's consent before installation and using such information. While Apple introduced functions in their browser to block cookies, it places similar codes in its phones, without any consent by the user.

Apple had planned to tighten privacy rules in its latest operating system, iOS 14.

Rossetti said the complaints aren't based on the EU's General Data Protection Regulation, or GDPR, which gives regulators the power to impose hefty fines.

Both authorities did not immediately reply to requests for comment.

Brexit: Trade deal sticking points 'can be resolved', says United Kingdom minister
Without one, millions of consumers will face the return of quotas and tariffs for the first time in a generation. Prime Minister Boris Johnson's government has acknowledged that the Internal Market Bill breaches worldwide law.

Changes announced by Apple to restrict the use of IDFA by third parties do not go far enough and would still leave the company in breach of European Union law, according to NOYB.

Apple accounts for one in every four smartphones sold in Europe, according to Counterpoint Research.

"The IDFA should not only be restricted, but permanently deleted", he said.

Noyb, which has filed several complaints against Facebook and Google in Ireland and complained that the national data protection commission has been slow to take action, said it hoped for the Spanish and German authorities to act more quickly.

The reason the case was brought in Spain and in Germany was partly because these jurisdictions had data protection laws where it would be possible this type of ruling would be enforced, he added.

"With our complaints we want to enforce a simple principle: trackers are illegal, unless a user freely consents", Stefano Rossetti, Noyb lawyer said in a statement.

While Schrems has won legal victories in Europe against Facebook's privacy practices, the USA social network has been able to adapt its targeted online advertising model. The activists scored a big win this July, when the European Court of Justice (ECJ) struck down the so-called "Privacy Shield' - a major agreement governing the transfer of EU citizens' data to the United States - deeming it not private enough and prone to spying".

Other reports by

Discuss This Article