BERLIN (Reuters) – A group led by privacy activist Max Schirmes filed complaints on Monday with German and Spanish data protection authorities about Apple. AAPL.O The online tracking tool, saying it violated European law by allowing iPhones to store users’ data without their consent.
It is the first such large measure against a US tech group related to EU privacy rules.
The digital rights group Noyb, run by Schrems, has successfully conducted two notable privacy experiments against Facebook FB.O.
Apple said it was not in a position to comment immediately.
The California tech giant previously said it provides users with a higher level of privacy protection. It announced it would tighten its rules further with the launch of iOS 14 this fall, but said in September it would delay the plan until early next year.
Noyb’s complaints have been filed against Apple’s use of an automatically generated tracking code on every iPhone when it is set up, which is called the Identifier Advertiser (IDFA).
The code stored on the device allows Apple and third parties to track user online behavior and consumption preferences – which is vital for the likes of Facebook to be able to send targeted ads that spark user interest.
Apple places cookies that can be compared to a cookie in its phones without the user’s consent. “This is a clear violation of privacy laws in the European Union,” said Stefano Rossetti, Neub’s lawyer.
Rossetti referred to the European Union Directive on Electronic Privacy, which requires the prior consent of the user to install and use this information.
The planned new rules for Apple will not change this as they will restrict third-party access but not Apple’s.
Apple owns one in every four smartphones sold in Europe, according to Counterpoint Research.
Neub said the claims were filed on behalf of a German and Spanish consumer and were handed over to the Spanish data protection authority and its counterpart in Berlin.
In Germany, unlike Spain, each federal state has its own data protection authority.
Neither authority immediately responded to requests for comment.
Neub said the allegations were based on the 2002 Electronic Privacy Directive that allows national authorities to impose fines independently, as a way to avoid the lengthy procedures it faced in its case against Facebook that was based on the European Union’s General Data Protection Regulation (GDPR). .
The GDPR system launched in 2018 included a mandatory cooperation mechanism between national authorities, which Neub says has slowed progress.
Rossetti said the measure was aimed at establishing a clear principle that “tracking should be the exception, not the rule.”
Apple faced an antitrust complaint in France last month in which ad groups objected to planned privacy changes, saying they had given Apple an unfair advantage.
While Schrems scored legal victories in Europe against Facebook’s privacy practices, the American social network was able to adapt an online targeted advertising model.
(Reporting by Kirsti Knolle, Additional report by Douglas Busvine. Edited by Jane Meriman, Louise Heavens and Edmund Blair