GERMANY—Berlin Court Declares Apple’s Privacy Rules Void
By Flemming Moos
In this respect, the judges held that the eight provisions would deviate too far from the German data protection rules enshrined in the Federal German Data Protection Act and the Telemedia Services Act.
The ruling is not well-founded in two aspects. Firstly, it seems very doubtful whether material German data protection laws apply at all. The court has not addressed this issue, although this was indicated because defendant was Apple Sales International with its business seat in Ireland. In the case against Facebook Ireland, the Schleswig-Holstein Administrative Court of Appeals decided on April 22 that the data processing by Facebook in relation to German users is not subject to German but only Irish data protection law. This goes back to binding provisions stemming from EC Directive 95/46/EC, according to which a member state shall not apply its national provisions that it adopts pursuant to the EC Directive in case the data processing is carried out by a controller on the territory of another member state.
Consequently, just looking at the legal reasoning, it would be a surprise for Apple not to seek an appeal of the decision.
Flemming Moos is a partner at Norton Rose in Germany and a certified specialist for information technology law. He chairs the IAPP KnowledgeNet in Hamburg and can be reached at firstname.lastname@example.org.