A ruling by the Federal Court of Justice (BGH) in Germany has stated that victims of a Facebook data breach are entitled to €100 in damages each.
In 2019, a massive database of information on more than 500 million Facebook users started to circulate online. It turns out that Facebook had a feature that let Facebook users find other people on the platform via their phone numbers. That same feature was misused by the attackers who managed to scrape information for more than half a billion people.
The scraped information included user ID, first and last name, place of work and gender.
"The unknown third parties assigned telephone numbers to the associated user accounts by entering randomized sequences of numbers on a large scale via the contact import function and accessed the public data available for these user accounts (so-called scraping)," noted the Court.
The plaintiff's victory wasn't as resounding as it seemed. The initial claim was that the data breach caused the victim psychological impairment, but the Court didn't agree.
On the other hand, the data breach was found to violate the General Data Protection Regulation (GDPR) in Europe.
"In this respect, there does not have to have been a specific misuse of this data to the detriment of the person concerned, nor does it require any other additional noticeable negative consequences," the Court added.
Basically, even if the victim wasn't directly affected by the data breach, the incident still affected the person's rights.
The German Federal Court of Justice found it reasonable to set compensation for the loss of control over personal data at €100. This essentially means that, even if there was no significant harm, a small sum can still be awarded for the inconvenience or breach of rights under the GDPR.
Technically, any resident of the EU at the time of the breach could claim the €100 compensation. This applies broadly to individuals across all EU member states, not just Germany.
It's worth noting that the lower Court will make the final decision on the specific amount of compensation and other claims during the re-examination of the case. This was not the final ruling in this case.
Use Bitdefender Digital Identity Protection to control, manage and safeguard your identity against data breaches and leaks. Our identity protection service continuously scans millions of websites and the Dark Web, searching for your leaked data. You can visualize your digital footprint at a glance, check your breach history, map risk, and any personal information that may have ended up online: email addresses, phone numbers, passwords, social media links, physical addresses, and credit card details.
On top of 24/7 data breach alerts, you can benefit from the industry's first Identity Protection Score to help you understand the extent of the breach and how it can impact you and receive actionable advice to immediately minimize risk and safeguard your well-being.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsDecember 19, 2024
November 14, 2024