Technology

Grandmother posting Facebook photos of her grandchildren violates GDPR privacy rule, court says

A grandmother in the Netherlands has until this weekend to remove photos of her grandchildren from her Facebook page, or she’ll face daily fines, after a judge found she was violating the European Union’s strict online privacy rules, the BBC reported.

The EU’s General Data Protection Regulation (GDPR) does not generally apply to personal or household information. But in this case, the grandmother was asked by her estranged daughter — the children’s mother— to take the photos down. The ruling stated that posting the photographs on social media could make them available to a wider audience.

“With Facebook, it cannot be ruled out that placed photos may be distributed and may end up in the hands of third parties,” according to the ruling. On May 13th, the court ordered the grandmother to take down the photos within 10 days or pay a daily fine of €50 (about $54.50) for every day the photos remain up, with a maximum fine of €1,000 (about $1,089).

Under GDPR, which went into effect in 2018, whenever a company collects personal data on a citizen of the EU, that company needs the person’s explicit consent. In its first two years, the stringent privacy law generated €114 million ($126 million) in fines and led to over 160,000 data breach notifications across Europe.