Facebook and other social media can be ordered to censor posts worldwide after a ruling from the EU's highest court.
Platforms may also have to seek out similar examples of the illegal content and remove them, instead of waiting for each to be reported.
Facebook said the judgement raised critical questions around freedom of expression. What was the case about?
The case stemmed from an insulting comment posted on Facebook about Austrian politician Eva Glawischnig-Piesczek, which the country's courts claimed damaged her reputation.
Under EU law, Facebook and other platforms are not held responsible for illegal content posted by users, until they have been made aware of it - at which point, they must remove it quickly. But it was unclear whether an EU directive, saying
platforms cannot be made to monitor all posts or actively seek out illegal activity, could be overridden by a court order.
Austria's Supreme Court asked Europe's highest court to clarify this. The EU curt duly obliged and ruled:
If an EU country finds a post illegal in its courts, it can order websites and apps to take down identical copies of the post
Platforms can be ordered to take down equivalent versions of an illegal post, if the message conveyed is essentially unchanged
Platforms can be ordered to take down illegal posts worldwide, if there is a relevant international law or treaty
Facebook has said countries would have to set out very clear definitions on what 'identical' and 'equivalent' means in practice. It said the ruling undermines the long-standing principle that one country does not have the right to impose
its laws on speech on another country.
Dormouse: Anyone for a magic cookie. If you accept it you will be devoured by evil giants, if you decline, your community will be visited by pestilence and famine.
Alice: That is an impossible choice.
Mad Hatter: Only if you believe it is. Everyone wants some magical solution for their problem and everyone refuses to believe in magic.
Alice: Sometimes I've believed in as many as 6 impossible things before breakfast.
Mad Hatter: And we've legislated them into EU law by lunch
European lawmakers (including judges) seem to live in an Alice in Wonderland world where laws are made up on the spur of the moment by either the Mad Hatter, or the Dormouse. No thought is given to how they are supposed to work in practice or how
they will pan out in reality.
For some reason EU lawmakers decided that the technology of internet cookies personified all that was bad about the internet, particularly that it is largely offered for 'free' whilst in reality being funded by the invasive extraction and
exploitation of people's personal data.
Justifiably there is something to be legislated against here. But why not follow the time honoured, and effective, route of directing laws against the large companies doing the exploiting. It would have been straightforward to legislate that
internet companies must not retain user data that defines their behaviour and personal information. The authorities could back this up by putting people in prison, or wiping out companies that don't comply with the law.
But no, the EU came up with some bizarre nonsensical requirement that does little but train people to tick consent boxes without ever reading what they are consenting to. How can they call this data protection? It's data endangerment.
And unsurprisingly the first wave of implementation by internet companies was to try and make the gaining of consent for tracking cookies a one sided question, with a default answer of yes and no mechanism to say no.
Well it didn't take long to see through this silly slice of chicanery, but that doesn't matter...it takes ages for the EU legal system to gear up and put a stop to such a ploy.
So several years on, the European Court of Justice has now ruled that companies should give real options and should not lead people down the garden path towards the option required by the companies.
In an excellent
summary of this weeks court judgement, the main court findings are:
pre-ticked boxes do not amount to valid consent,
expiration date of cookies and third party sharing should be disclosed to users when obtaining consent,
different purposes should not be bundled under the same consent ask,
in order for consent to be valid 'an active behaviour with a clear view' (which I read as 'intention') of consenting should be obtained (so claiming in notices that consent is obtained by having users continuing to use the website very likely
does not meet this threshold) and,
these rules apply to cookies regardless of whether the data accessed is personal or not.
pdpecho.com commented on what the court carefully decided was the elephant in the room, that would be better not mentioned. ie what will happen next.
The latest court judgement really says that websites should present the cookie consent question something like this.
Website cookie consent
I consent to this website building a detailed profile of my browsing history, personal information & preferences, financial standing and political leaning, to be used to monetise this website in whatever way this website sees fit.
No I do not consent
Now it does not need an AI system the size of a planet to guess which way internet users will then vote given a clearly specified choice.
There is already a bit of discussion around the EU tea party table worrying about the very obvious outcome that websites will smply block out users who refuse to sign up for tracking cookies. The EU refers to this as a cookie wall, and there are
rumblings that this approach will be banned by law.
This would lead to an Alice in Wonderland type of tea shop where customers have the right to decline consent to be charged the price of a chocolate chip cookie, and so can enjoy it for free.
Perfect in Wonderland, but in the real world, European internet businesses would soon be following in the footsteps of declining European high street businesses.