Australian court finds Facebook 'divorced from reality' as it tried to define doing business down under
This one was decided on the way the cookies crumbled
Australia's Federal Court has described Facebook's explanation of how its tech works as "divorced from reality" in ruling against it in a landmark privacy case.
Facebook tech made it before the bench because in 2018 The Office of the Australian Information Commissioner (OAIC) sued The Social Network™ over the This Is Your Digital Life app that funnelled data to Cambridge Analytica. Just 53 Australian Facebook users installed the app, but it accessed personal information describing over 310,000 Aussie users. In March 2020 the OAIC decided that warranted action against Facebook on privacy grounds because the 310,000-plus locals did not consent to info-sharing.
One of Facebook's defences in the case was that at the time of the data siphon it didn't do business in Australia, so was not bound by Australian privacy law.
That argument relied on the fact that Australians' data was not processed by an Australia-registered company and was processed by Facebook Ireland in datacenters located in the USA and Sweden.
Facebook also argued that the effect of cookies was "no different to a person sending a letter from overseas to Australia, with the effect that upon its receipt, the reader did something which had an economic impact." In the judgement, that logic was described as "divorced from reality" because it "has the result that no internet business based in one jurisdiction can ever carry on business in another."
The three justices who heard the case also noticed that Facebook's T&Cs include phrases such as "Cookies and things like local storage help make Facebook work, like allowing pages to load faster because certain content is stored on your browser or helping us authenticate you to deliver personalized content."
That language saw the judges conclude that given the purpose of cookies is to gather personal information – and doing so allowed Facebook to serve custom ads in Australia – the company was doing business in the land down under and therefore bound by Australian privacy laws.
- Grab some tissues: Meta's share price tanks after Facebook emits latest figures
- Privacy watchdogs from the UK, Australia team up, snap on gloves to probe AI-for-cops upstart Clearview
- Facebook’s in real trouble now: Australia’s opened a probe
- Hacked hookup site Ashley Madison's security was laughable
Facebook did have a minor win, on the issue of caching. A lower court had decided it was possible to infer that caching servers were operated by Facebook. The Federal Court decided that wasn't the case because the caches were leased, or operated by managed services providers, and only had the job of passing information offshore.
The decision allows the OAIC to serve legal documents on Facebook Inc. in pursuit of its privacy suit.
Australian Information Commissioner and Privacy Commissioner Angelene Falk welcomed the decision and said she was "looking forward to the hearing of substantive matters" pertaining to Australians' privacy. ®