argomento: News del mese - Diritto Internazionale e Comunitario

Articoli Correlati: facebook

On 5 June 2018, in case C-210/16, the Court of Justice of the European Union stated that the data protection authority of the Member State in which the administrator has its seat may, under Directive 95/46 (of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data) act both against the administrator and against the Facebook subsidiary established in that Member State. The Directive 95/46 was repealed with effect from 25 May 2018 by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation). In the same judgment, the Court found that an administrator must be regarded as a controller jointly responsible, within the E.U., with Facebook Ireland for the processing of that data. Such an administrator takes part, by its definition of parameters (depending in particular on its target audience and the objectives of managing or promoting its own activities), in the determination of the purposes and means of processing the personal data of the visitors to its fan page. For the Court, the fact that an administrator of a fan page uses the platform provided by Facebook in order to benefit from the associated services cannot exempt it from compliance with its obligations concerning the protection of personal data.