The European Court of Justice (ECJ) has ruled that national competition authorities can review whether a data processing operation complies with the requirements set out in the General Data Protection Regulation (GDPR).
The case concerned the German Federal Cartel Office’s (FCO) decision to prohibit Meta Platforms Ireland from processing the off-Facebook data of its users without their consent. The FCO argued that this constituted an abuse of Meta Platforms Ireland’s dominant position on the German market for online social networks.
The ECJ upheld the FCO’s decision, stating that national competition authorities can review GDPR compliance in the context of an abuse of dominance investigation. However, the ECJ also clarified that national competition authorities must take into account any decisions or investigations by the competent supervisory authority pursuant to the GDPR.
The judgement adds that competition authorities can look at how companies comply with the GDPR when they are investigating whether a company is abusing its dominant position. And that decisions made by data protection authorities under the GDPR are important, and competition authorities should consider these decisions when they are investigating companies.
The sources for this piece include an article in CuriaEuropa.