[HN Gopher] Facebook's GDPR consent bypass reaches Austrian Supr...
___________________________________________________________________
Facebook's GDPR consent bypass reaches Austrian Supreme Court
Author : input_sh
Score : 246 points
Date : 2021-03-15 11:17 UTC (11 hours ago)
(HTM) web link (noyb.eu)
(TXT) w3m dump (noyb.eu)
| roel_v wrote:
| In this context, for people in the Netherlands - there is a
| 'class action' (well not really, we don't have those in the same
| way as in the US, but functionally equivalent) lawsuit against
| Facebook in order to get monetary compensation from Facebook for
| the time(s) they violated privacy laws. The first hearing will be
| on the 1st of April. Of course Facebook has been trying to delay
| this case, e.g. by claiming Dutch users should have asked for
| redress in Irish courts.
|
| If you want to join (for free), see
| https://www.consumentenbond.nl/acties/facebook/aanmelden .
|
| Even if I only ever get a single euro from that case, that euro
| will feel better than making 1000's from regular work, and if
| it's ever paid out, I'll take my children out to dinner from it
| (I suppose I'll have to chip in the difference myself so that we
| won't have to split one item off the McD's dollar menu...) to
| celebrate that not all hope is lost.
| Sander_Marechal wrote:
| First time I have heard of this. I joined, thanks!
| wdb wrote:
| This news for me! Thank you for sharing :)
| ballenf wrote:
| FB's move strikes me as similar to Germany's pre-WWII invasions.
| Will take incredible popular, political will across the world to
| stand up to and won't come cheap to the countries that do it. But
| the cost of not doing it should be obvious in this framework.
|
| The whole issue is more akin to a treaty negotiation than a
| criminal law enforcement. The Austrian law side of things is just
| one of the tools available to exert power on FB. FB has their own
| levers to pull like they demonstrated in Australia.
|
| To think that this issue will be decided anything like a normal
| criminal case that just comes down to an interpretation of law
| and fact will cause extreme cognitive dissonance.
| osobo wrote:
| What is the cost to the EU of standing up to FB? Why is this an
| invasion? How is the Australian clash of news monopolies
| remotely like Austria upholding the law? How is this criminal
| law enforcement?
|
| You're not making much sense to me, tbh.
| judge2020 wrote:
| You're going to have a hard time comparing anything that
| doesn't involve death to the bad deeds of WWII Germany.
| varispeed wrote:
| I was not aware that there is actually something being done
| against some of the giants who think they stand above the law.
| It's going to be a test whether GDPR is worth its salt. If it can
| be bypassed by that simple T&C trick, then it's just has been
| another expensive waste of time. I have a feeling they will allow
| that as otherwise Facebook's predatory business model will make
| no sense until they find a way to trick users into consent. Given
| that people are just clicking the boxes without reading now, this
| could work...
| wongarsu wrote:
| > I have a feeling they will allow that as otherwise Facebook's
| predatory business model will make no sense until they find a
| way to trick users into consent
|
| Luckily European courts don't really give a damn about Facebook
| or their business model.
|
| It's not that European courts never play favorites with large
| companies, but Facebook isn't really known for paying a lot of
| taxes here and doesn't have many employees in Europe (at least
| an order of magnitude less than e.g. Volkswagen). Facebook is
| seen as a foreign company that doesn't know how to play by the
| rules, and was a major motivation for creating the GDPR in the
| first place.
| EastSmith wrote:
| I am wondering if a recent Apple announcement of a 1 bln
| investment in a Berlin tech-hub is so Apple can have a
| friendlier relationship with EU law.
| neskiredk wrote:
| Indeed, this will be important going forward. Living in EU,
| with local laws (denmark) being what they are. I hope the
| conclusion of this suit, will be similar to our laws that
| state: Any contract signed, that through its terms, makes you
| relinquish your state-afforded rights. Is by definition void.
|
| Example of a void contract: When Buying a used car, Salesmen
| makes you sign a contract: "No warranty nor cancelation of
| contract possible after purchase".
| pfortuny wrote:
| Mmhhh, is it _so strong_?
|
| I guess what is void is that specific clause. Otherwise, any
| vendor could include a clause saying "you relinquish some
| rights" just in the middle of the text and, _after the fact_
| , claim that the contract was void and require you to return
| an item (say, a car).
|
| So, I guess you mean that specific clause?
| tovej wrote:
| I believe this is how it typicaly works. At least the few
| laws I've read (Finnish law) voids the offending clauses,
| not the entire contract.
| bildung wrote:
| In German law that would, as a default, actually make the
| whole contract void, yes. Many contracts therefore contain
| a clause that hedges against that situation (i.e. something
| like "if one or more of these items is found void, the rest
| still applies")
| majewsky wrote:
| The legal term for this is "severability clause":
| https://en.wikipedia.org/wiki/Severability
| ("salvatorische Klausel" in German)
| jdmichal wrote:
| Specifically, the idea of a voided clause voiding the
| entire contract is sometimes a _feature_ -- severability
| is not always desired. A simplistic example would be a
| contract with two clauses, one specifying that A sends B
| widgets, and the other specifying that B sends A money.
| You would not want those to clauses to be severable.
| krsdcbl wrote:
| This specific case has a lot to do with Max Schrems & noyb
| pressing the issue to be litigated, he's a very engaged
| activist for privacy
|
| https://en.m.wikipedia.org/wiki/Max_Schrems
| Nicksil wrote:
| https://en.wikipedia.org/wiki/Max_Schrems
| dgellow wrote:
| Look at https://www.enforcementtracker.com/.
|
| Sort by fines desc :)
| skinkestek wrote:
| Wonderful, thanks!
|
| Now we are talking :-)
| tremon wrote:
| Some companies will never learn. Search for Vodafone, for
| example.
| 4ad wrote:
| A drop in the ocean.
| alkonaut wrote:
| Indeed. The regulation allows for pretty stiff fines I
| believe, so with fines this small for companies whose
| entire business model is persanal data (e.g. Google and
| Facebook but not an airline or retail chain) the math
| should be "How large should the fine be in order for it to
| cost MORE for this company, than actually complying".
|
| Complying with the GDPR isn't "free". It's like these
| companies belive "oh we can't possibly comply with that
| because it would hurt our bottom line!".
| dgellow wrote:
| Give it some time. H&M got a EUR35mio fine in November
| 2020 for a document from 2014 stored in a network drive
| that contained employees personal data. If you do not
| comply, the more you wait the more risky that becomes.
| TedDoesntTalk wrote:
| Do you know what is done with the money from these fines?
| Does it merely fund the enforcement teams (seems excessive),
| or is it put into some EU "general fund"?
| zaarn wrote:
| Generally they go into the coffers of the treasury of the
| country that issued the fine. This may be further directed
| to the EU but probably not.
| gampleman wrote:
| FB has a global revenue of ~$86B. Of which 4% is $3.44B.
| That would make a real mark on the budgets of the poorer
| half of EU countries.
|
| I wonder why there aren't more enforcement actions...
| varispeed wrote:
| It's a simple math - how many people are responsible for
| processing such case? 10-100? So let's say it is 100
| people. You only need like 100,000,000 EUR to make it go
| away by giving each one a 1M. Even if those people go for
| early retirement and new staff takes on the case, you can
| repeat this. Even if it happens every year you can do it
| for 34 years before the money exceeds the potential fine
| and meanwhile you'll make much more money as it gets
| pushed back. In reality you probably need to buy top 5-10
| people so they can keep pushing it back while being set
| for life.
| judge2020 wrote:
| This doesn't answer the question "does the money just sit
| in an escrow account forever or is it eventually spent
| somehow?"
| marmaduke wrote:
| Indeed. Working in research with human data, we spend a ton of
| time taking GDPR into account and it would be a huge
| disappointment to see a corp bypass that for profit when we for
| non profit research cannot.
| tyfon wrote:
| You can't really trick them into consenting either as the law
| specifies you need a informed consent. Just having a flag in
| the database that the user ticked without knowing what they
| agreed to does not qualify.
| varispeed wrote:
| I am referring to the fact that people click on the consent
| boxes without reading what they are agreeing to. I am not
| sure if informed consent is even possible at this stage. You
| can put all the details before the user and you will never
| know they read it. Maybe you could do a test to see if user
| read, memorised and understood, but still they can just click
| answers until it goes away.
| s_dev wrote:
| I have a feeling that GDPR is actually mostly about giving
| tools to reign in the tech giants rather than stomping on the
| little guys.
| blackbear_ wrote:
| Your feeling is wrong. As linked in another comment, [1] is a
| list of GDPR fines. As you can see, plenty of non tech giants
| in there.
|
| [1] https://www.enforcementtracker.com/
| fatnoah wrote:
| A fun fact is that no business likes additional regulatory
| overhead and risk, but larger companies are much more able
| to take on the costs associated with compliance.
| Jenk wrote:
| So far there is no suggestion of an ulterior motive. GDPR is
| just there to protect the privacy of EU citizens and that's
| that.
| s_dev wrote:
| >GDPR is just there to protect the privacy of EU citizens
| and that's that.
|
| From what exactly? You'll see where I was going when you
| try to answer that simple question.
|
| Because your answer will be -- tech giants.
| Jenk wrote:
| No, the answer is "Anyone infringes on those rights."
|
| It just so happens that some "Tech Giants" fit into that
| category.
| s_dev wrote:
| >No, the answer is "Anyone infringes on those rights."
|
| Nope a small American firm can infringe those rights and
| face zero consequences. A US Multinational with
| operations in Europe can't.
|
| So implicitly -- bigger companies are targeted as they
| have more of a global footprint.
| Jenk wrote:
| Nope.
|
| https://gdpr.eu/companies-outside-of-europe/
| s_dev wrote:
| Since you can't read your own link:
|
| >The second exception is for organizations with fewer
| than 250 employees. Small- and medium-sized enterprises
| (SMEs) are not totally exempt from the GDPR, but the
| regulation does free them from record-keeping obligations
| in most cases (see Article 30.5).
| alkonaut wrote:
| From having their information processed/sold without
| their consent. There is nothing implicit in the
| regulation that targets "tech giants".
| s_dev wrote:
| Nothing explicit* in the regulation -- but -- it IS the
| tech giants that egregiously guilty of:
|
| >From having their information processed/sold without
| their consent.
|
| The targeting of tech giants is implicit here.
| tremon wrote:
| Sure. That must be why the first fines were levied at a
| restaurant, a hospital and a bank.
| alkonaut wrote:
| Yes some of the tech giants are guilty of this. And some
| aren't. And also some non-giants are guilty of this. And
| some non-giants aren't. This is a possible kick in the
| nuts for Facebook and Google. It's not so much for Apple
| or Netflix, for example.
|
| I don't think it's fair to make the grouping "tech giants
| " here. It's the "ad-giants". It's the companies whose
| business model is personal information. It's a small
| subset of the tech giants. In fact, much smaller adtech
| companies probably have a lot more to lose from GDPR than
| fb and google have.
|
| Facebook, unlike a lot of online services, would still be
| able to target ads just because they know what people
| like without using any information people haven't
| consented to. A random news website on the other hand has
| to start showing me (a man) ads for women's clothing
| because news sites can't be as sure about my gender (or
| taste in fashion) as facebook is. So as weith so many
| things, I think the GDPR is just serving to reinforce the
| position of facebook, not the other way around.
| SaltySolomon wrote:
| Just a nit pick, its not at the supreme court, its at the highest
| court (Oberster Gerichtshof), the court below the supreme court,
| the Verfassungsgerichtshof.
|
| Its confusing, I know.
| datenhorst wrote:
| That's patently false. The Austrian judiciary is divided into
| general courts and courts of public law. The "Oberster
| Gerichtshof" is not "below" the supreme court, it's the highest
| court of a different branch.
| chris_wot wrote:
| Facebook has a "duty to provide personalized advertisement". How
| heroic!
| reaperducer wrote:
| _Facebook has a "duty to provide personalized advertisement".
| How heroic!_
|
| Perhaps the people at Facebook believe the oft-repeated HN meme
| about "Companies are required by law to maximize profit for
| shareholders!"
|
| The tech bubble is like politics: If you tell a lie enough
| times, it becomes the truth.
| murph-almighty wrote:
| "duty to irritatingly and creepily pester you to buy things"
| Barrin92 wrote:
| yeah had to laugh at that one too. I can only imagine the ad
| guys at Facebook show up like soldiers on the Galactica
| everyday and Zuckerberg gives a 'so say we all speech' to get
| us our daily dose of advertisements
| jacquesm wrote:
| It's very simple: you can not contract out of the law. So,
| assuming murder is illegal where you live, I can't contract you
| to murder me, even if I 100% agree that you should murder me and
| I pay you for it.
| vmception wrote:
| I love how people always create legal analogies that are the
| least relevant comparison to re-enforce a point that is not
| even universally true.
| colejohnson66 wrote:
| > Facebook now argues that it has a "duty to provide personalized
| advertisement" to the users, therefore, it does not need the
| user's consent to process his or her personal data.
|
| That's a bold move. Very user hostile. If users want personalized
| ads, then let them opt in.
| that_guy_iain wrote:
| > If users want personalized ads, then let them opt in.
|
| Let's be honest, if you're using Facebook you've basically
| agreed to personalised ads on some level. We all know their
| business model. Try convincing random joe that Facebook don't
| read their messages for ad purposes and you'll probably find
| most won't believe you.
|
| With that being said, Facebook also knows if their users are
| given a choice most will choose not to get personalised ads.
| That's why they fight so hard againist any privacy move.
| reaperducer wrote:
| _if you 're using Facebook you've basically agreed to
| personalised ads on some level_
|
| You don't have to join Facebook to be part of its data
| collection octopus.
| cratermoon wrote:
| > if you're using Facebook you've basically agreed to
| personalised ads on some level
|
| Yes, but no. Someone who joined Facebook in 2007 would have
| had very different expectations than someone joining in 2017.
| And there's a difference between "sure, send me personalized
| ads" and "sell everything you know about to me malicious
| actors"
| MaxBarraclough wrote:
| > if you're using Facebook you've basically agreed to
| personalised ads on some level
|
| The GDPR quite explicitly rejects the idea that this
| constitutes consent.
| that_guy_iain wrote:
| Actually, I believe it explictly includes this idea of
| consent. For example, they state that when you use a cart
| system you consent to the cookie because you knew it would
| be needed.
|
| But my point was more about the basic idea that people know
| Facebook is data mining them and use it anyways therefore
| the idea that you haven't opt'd into it is a bit silly. I
| wasn't talking about the legal point of view.
| MaxBarraclough wrote:
| _Consent requires a positive opt-in_ [0] but there are
| conditions that permit use of cookies without consent
| [1]. It seems clear to me that it was written with the
| intent of excluding advertising cookies while allowing
| shopping baskets to work even without consent, as you
| say. Facebook is contesting that its use of cookies falls
| under the _processing is necessary for a contract you
| have with the individual_ category, and so doesn 't
| require consent. Of course, if that's the case, the GDPR
| is truly toothless regarding tracking cookies.
|
| > my point was more about the basic idea that people know
| Facebook is data mining them and use it anyways therefore
| the idea that you haven't opt'd into it is a bit silly
|
| Another relevant point here is that we seem to keep
| focusing on cookies, but that's just a small part of the
| equation.
|
| [0] https://ico.org.uk/for-organisations/guide-to-data-
| protectio...
|
| [1] https://ico.org.uk/for-organisations/guide-to-data-
| protectio...
| rzzzt wrote:
| Object to legitimate interest! ...I find cookie dialogs that
| have an on/off switch _and_ such a button very confusing, but
| it sounds like it was created for these kind of situations.
| IANAL.
| mnw21cam wrote:
| No, they were created either out of a complete
| misunderstanding of the law, or as a way to try and weasel-
| word into being able to retain the information even when you
| do not consent. It's illegal.
|
| Either you have a legitimate interest in the data (by which I
| mean you have to use the data in order to do what the user
| explicitly asked you to do), at which point you can process
| the data without asking for consent, or you don't, at which
| point you must ask for consent, and you must not
| alter/degrade the user experience if you do not get it.
| oytis wrote:
| Legitimate interest is not necessarily what the user wants
| you to do. Storing data e.g. for preventing fraud is also a
| kind of legitimate interest.
|
| As a non-legal person I in all honesty can't understand why
| e.g. storing person's credit score is legitimate while
| storing their advertising profile isn't.
| amelius wrote:
| Why can't we have a fixed preference in the browser? (The do-
| not-track header field failed, but it still seems like the
| best solution)
| alkonaut wrote:
| I don't mind targeted ads, I mind targeting based on
| information I haven't explicitly given. I understand that since
| I joined a group for local mountainbikers, which is tagged that
| it is about "cycling", I can see ads for mountainbiking. They
| infer my interests from information I have given (age, groups,
| ...). That's fair game.
|
| I do NOT want to see a mountainbike ad, ever, because I browsed
| a random retailer for mountainbikes, or wrote a message about a
| mountainbike to a friend on messenger, or because a friend of a
| friend bought a bike on fb marketplace etc etc.
| colejohnson66 wrote:
| Yes. I agree. I like targeted ads. Ads on electronic
| engineering or computer science are nice because I actually
| enjoy those things. But just because I looked at something as
| a possible present for someone doesn't mean I want ads for
| weeks.
|
| Facebook goes really far on this. It seems even pausing your
| scrolling for a few seconds more than usual is enough for
| them to think I'm interesting. I'm not. I'm just trying to
| figure out if I want to read this post or not.
| varispeed wrote:
| Ok one more thing - what about the Facebook customers who are
| blissfully ignorant to what's going on and they buy advertising
| knowing about privacy abuse? I think the customers should also be
| fined as they benefit just as Facebook benefits.
| atleta wrote:
| They might act unethically, but legally it's not their
| responsibility. They may not have the means to figure out
| whether FB is obeying the laws (after all, this is what the
| court is trying to figure out). They also may or may not have
| another viable choice.
|
| They can indeed _expect_ facebook to act legally.
| varispeed wrote:
| Isn't what any accomplice would be saying? "I didn't know...
| I tought they are okay" despite all the fuss in the media...
| they still went for it.
| robertlagrant wrote:
| > I think the customers should also be fined as they benefit
| just as Facebook benefits.
|
| This is legal matter, not a witch hunt.
| varispeed wrote:
| A lot of people have been using Facebook ads so it is
| understandable that this direction will have a massive
| pushback from anyone who used them. But that means Facebook
| becomes a "fall guy" rather than justice being served.
| atleta wrote:
| Now this is gonna be expensive. And it very much shows why those
| stupid GDPR consent popups were worth it. (Let me quickly add
| that I do not like them either, but I'm fully aware that the UX
| for most of those are indeed the result of the companies
| operating the websites trying to side-step GDPR and force you
| into acceptance...)
| lanevorockz wrote:
| Don't put your hopes on Supreme Courts, they don't tend to really
| care about individual rights. It's all about politics and
| perceived public opinion. They just want to keep their power and
| fat salaries.
| oytis wrote:
| Framing targeted ads as contractual obligations to the user is
| pretty absurd, but I wonder if explicitly stating that being
| tracked is user's payment for the service can work. I've seen a
| couple of news websites doing that - you have to either agree to
| be tracked or subscribe to the paid plan.
| elliekelly wrote:
| > I've seen a couple of news websites doing that - you have to
| either agree to be tracked or subscribe to the paid plan.
|
| Do you have to agree to be tracked? Or agree to be served ads?
| Because there are plenty of paid services where you're promised
| no ads (and indeed aren't served any ads) and yet are tracked
| to the same extent as the free users. I don't think I've come
| across any services that allow you to pay not to be tracked.
| Only those that allow you to pay to avoid ads. It's frustrating
| because it's not the ads I have a problem with - it's the
| stalking.
| oytis wrote:
| I've just checked German zeit.de. They promise less ads and
| no tracking to paid users. Not sure how much do they stick to
| this promise.
| chmod775 wrote:
| Ah yes. The yearly reminder to companies that TOS still don't
| supersede EU law and aren't a magical way to weasel out of
| regulation.
|
| It's hard to sign away some consumer protections even with an
| actual, physical, signature - what makes companies think some
| legal mumbo jumbo that isn't worth its bytes on a drive will
| somehow do?
|
| Weaseling around consumer protections in their TOS to give
| Facebook a blank check to fuck over consumers? Yeah courts will
| just love that one.
| dahfizz wrote:
| For companies as large as Facebook, it must be economical to
| "bet" a relatively small sum of money on the long shot that
| they win the case.
| matsemann wrote:
| That's what the GDPR tries to solve by not having a fixed
| amount for the fines, but allowing them to go upwards of 2%
| of revenue.
| reaperducer wrote:
| _allowing them to go upwards of 2% of revenue._
|
| When it's a _minimum_ of 25% of revenue, the companies will
| take notice.
|
| Until then, it's just factored in like pencils and laptops
| and coffee: just another cost of doing business.
| [deleted]
| Nextgrid wrote:
| And this has yet to be enforced despite thousands of
| companies openly breaching it in bad faith.
| ben_w wrote:
| I remember many people on Hacker News being appalled that
| it could go as high as 2% of global revenue, and that
| others here pointed out that 2% global revenue was merely
| the maximum, and that most fines -- especially the
| initial ones or for relatively minor breaches -- would be
| much lower.
| tyfon wrote:
| For severe breaches the maximum is actually EUR20 million
| or 4% of global revenue [1] whichever is higher.
|
| For smaller breaches it is 2%.
|
| [1] https://gdpr-info.eu/issues/fines-penalties/
| cratermoon wrote:
| I still don't understand how a long TOS with a "click here to
| agree" passes legal muster. If I said here, "By reading this
| comment you agree I have a right to come into your house and
| eat all your food", any attempt I made to enforce that would be
| laughed out of court.
| neon_electro wrote:
| I don't think anyone would argue that it does pass legal
| muster; the problem is that these entities can get away with
| their behavior without appropriate enforcement for enough
| time that they are able to profit from their behaviors; the
| average contract writer seeking to eat all your food would
| not have enough time to profit from their contract before you
| would be able to enforce the law on them.
| KSteffensen wrote:
| > I don't think anyone would argue that it does pass legal
| muster
|
| As I read the article two lower courts in Austria do think
| the argument passes legal muster:
|
| > The two lower Courts in Austria however took the view
| that is solely in Facebook's discretion to claim a term to
| be a "contract" or "consent". Consequently they saw no
| issue with Facebook's bypass, but also held that the matter
| needs clarification by the Supreme Courts.
|
| Am I misunderstanding something?
| ocdtrekkie wrote:
| This will continue until the consequences ramp up to adequate
| levels. If the company is not threatening to leave the country
| over the law and paying "journalists" like Mike Masnick to
| complain about the law destroying the Internet as we know it,
| your law is too weak.
| josefx wrote:
| > what makes companies think some legal mumbo jumbo that isn't
| worth its bytes on a drive will somehow do?
|
| While they may "think" that officially I do not believe they do
| internally. Fact: Enforcement takes years. Fact: The fines are
| often tiny. Fact: They make billions while this goes through
| court. Conclusion: They have every bit of motivation to act
| dumb while raking in the money.
| [deleted]
| RobertKerans wrote:
| ...all the while, giving more time for lobbyists to harangue
| ministers for relaxation/rescinding of the regulations and
| (maybe this is just my cynicism causing me to see ghosts but)
| to push PR that is explicitly anti-regs
| posterboy wrote:
| So, letting them keep the earning is like letting a drug
| dealer keep the illicitly obtained earning--a criminal
| liability.
| Panino wrote:
| Yep. The whole thing reminds me of professional wrestling,
| with one person blatantly cheating, the entire public
| watching it happen, as the "referee" is pretending to be
| distracted by something else. So the public is going crazy,
| screaming at the ref to _look over there_ , all agreeing to
| pretend the match isn't a scripted act performed by a single
| party.
|
| And the entire public just stays, acting like they don't have
| something better to do.
| Terretta wrote:
| https://en.wikipedia.org/wiki/Kayfabe
| deepstack wrote:
| Weaseling around consumer protections indeed. Seems like
| something corporation do often. Check out this documentary it
| is quite insightful (e.g. The U.S. Chamber of Commerce (not a
| United States government agency, but a lobbying group for
| businesses)
|
| https://en.wikipedia.org/wiki/Hot_Coffee_(film)
| 1vuio0pswjnm7 wrote:
| "... what makes companies think some legal mumbo jumbo that
| isn't worth its bytes on a drive will somehow do?"
|
| Because in most cases it does (because the mumbo jumbo is never
| challenged). Users generally do not attempt to enforce their
| protections under the law against software or so-called "tech"
| companies. Unenforceable terms in EULAs and TOS can go
| unchallenged for decades. Schrems seems to be one of the very
| few users who is actually filing complaints.
|
| This case is a reminder that the user is not the customer.
| According to this summary, Facebook is arguing it has a duty
| under contract to its customers (advertisers) and that provides
| Facebook with an exemption under the GDPR from having to
| provide its users with a choice whether to consent. Customers
| have contractual rights they can enforce against Facebook.
| Generally, users do not. That is intentional on the part of
| Facebook.
| tyfon wrote:
| Yep, In Norway too there is a specific law that say consumers
| can't negotiate a worse deal than the actual consumer
| protection laws. This includes warranty and repairs too.
|
| I guess EU have something similar since we adopt a lot of the
| laws from the directives.
| novok wrote:
| Thats pretty standard in contract law in general. Ex: you
| cannot sign yourself into slavery, since slavery is illegal.
| Cant agree to work under min wage, etc
| ivanhoe wrote:
| AFAIK the laws dealing with a protection of rights almost
| always have such instruments implemented. You can't give up
| on the rights prescribed to you by the law as they're
| considered to constitute the bare minimum that's guaranteed
| to everyone.
___________________________________________________________________
(page generated 2021-03-15 23:02 UTC)