Meta – Court Ruling (Germany, 2025)

Court Ruling
DPA LG Lübeck, 27 November 2025, Germany
final

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A German court ruled that Meta improperly tracked users without their consent through its Business Tools. The court awarded €5,000 in damages for the user's distress over their data being misused. This decision shows that even big companies like Meta can be held accountable for not respecting user privacy.

What happened

Meta tracked users across third-party websites using its Business Tools without obtaining consent.

Who was affected

Users whose personal data was processed by Meta's tracking tools without their permission.

What the authority found

The court held that Meta lacked a valid legal basis for processing personal data, violating GDPR rules.

Why this matters

This case sets a precedent that companies must ensure their tools comply with privacy laws. Website operators should be cautious about using tracking tools that may not respect user consent.

GDPR Articles Cited

AI-verified

Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 82 GDPR

Decision Authority: LG Lübeck
Source verified 19 March 2026
articles corrected
authority corrected
Full Legal Summary

Meta, the controller, is the developer of the “Meta Business Tools”, which many third-party websites and apps integrate. Their aim is to monitor and enhance the effectiveness of advertising. The processes that transfer data from the third-party websites to Meta take place regardless of whether the user has activated Meta apps at that moment, and regardless of whether the user has given consent.

The data subject’s personal data were processed according to the procedures described above, even though he had objected to the processing of such personal data in his Instagram profile's settings. The data subject therefore filed a complaint with the court, asking for an order for the controller to stop processing his data and to delete or anonymise all personal data currently stored, and to be awarded immaterial damages.

The controller claims that the data processing carried out with the use of Meta Business Tools is “inherent in the contemporary use of the internet”, and that it has no way of making sure that third-party companies have obtained consent from users.

The court awarded immaterial damages of €5,000, holding that fear of misuse of one's personal data can amount to immaterial damage. Firstly, it declared the requests to order the controller to cease processing and to delete his personal data inadmissible. The requests were not sufficiently specific, as they did not refer to specific data points.

Further on, the court rejected the controller's arguments, affirming that: “Ultimately, the objections raised are not legal arguments, but purely political ones based on the erroneous assumption that the defendant has a quasi-natural right to the undisturbed use of the "business tools" it has designed. Legally, the opposite is true: if the defendant brings applications onto the market with which it cannot ensure legally compliant operation for all users, then it will have to refrain from using these "tools" if the parties concerned take legal a

Outcome

Court Ruling

A ruling by a national court on a data-protection matter.

Details

Ruling Date

27 November 2025

Authority

DPA LG Lübeck

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Meta - Germany (2025). Retrieved from cookiefines.eu
