AVROTROS – Court Ruling (Netherlands, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Dutch court ruled that Facebook's current measures to stop fake ads using celebrities' names are enough. This case matters because it shows courts may not force companies to do more if they already have some protections in place. The court did not require Facebook to share advertiser details without a strong reason.
What happened
The court ruled that Facebook's measures to detect and remove fraudulent ads using celebrities' names were sufficient.
Who was affected
Dutch celebrities whose names and pictures were used in fake ads on Facebook and Instagram.
What the authority found
The court found Facebook's existing measures to tackle fake ads adequate and did not require them to share advertiser details without meeting specific conditions.
Why this matters
This ruling suggests that courts may accept existing protective measures if they are deemed reasonable. It also highlights the conditions under which service providers might be required to disclose user data.
GDPR Articles Cited
Fraudulent ads using names and pictures of Dutch celebrities are shown on Facebook and Instagram since October 2018. The Claimant, who is a presenter of the news and current affairs programme broadcasted by AVROTROS, is one of the celebrities affected. In November 2019 a similar lawsuit was won by another celebrity, forcing Facebook to implement strict controls and take down fraudulent bitcoin ads. However, in March and April 2020 the Claimant saw similar fraudulent ads with his picture and name: this time the ads referred to the Corona crisis. The Claimant and AVROTROS asked the Court to order Facebook to: 1. To find and take down fraudulent ads within 5 days from this judgement; 2. Share information, identifying the advertisers behind these ads within 7 days from the judgement. Information should include name, email, phone number, date and time of registration, IP addresses and other user and payment data Facebook has in its possession. Facebook claims that the measures they already have in place are good enough and that it is not possible to filter out all fraudulent ads. On the second point, Facebook did not have specific objections, however the company believed that only Facebook Ireland could share this data and only on a Court’s order. The Court ruled that the measures Facebook has put in place to detect and remove fake/fraudulent ads were enough. On the second point, the Court considered the existing case law in the Netherlands. In 2004 the Amsterdam Court of Appeal ruled that an obligation for the service provider to provide data to a third party may be justified if the following conditions are met: a. the possibility that the information is unlawful and harmful to the third party is sufficiently established; b. the third party has a real interest in obtaining the data; c. there is no less drastic way to retrieve the data; d. the balance of the interests of the third party and the internet service provider is in favor of the third party. The Court r
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for AVROTROS in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. AVROTROS - Netherlands (2020). Retrieved from cookiefines.eu
Last updated: