The sentence of 29 March 2021 of the Italian Council of State (in Italian) – which concluded the first group of the charges made by the Antitrust (“AGCM”) to Facebook for the unfair commercial practices carried out in relation to the use of the personal data of its users – contains some important legal assessments that cover general relevance.

In this second episode, we examine its contents.

 

Summary

 

AGCM_FB_Litigation process
Figure 1 – The long path of the ongoing dispute between AGCM and Facebook.

 

Evaluations of the Council of State

In addition to the specific issues concerning the conduct held by FB, the Council focused on some preliminary rulings that make the same a precedent of general interest, including:

  • the legal admissibility of the monetization of personal data, that is, if it can be marketed in the same way as a commodity
  • the scope of application of the GDPR, understood as a special and exclusive discipline (also in the sense that it excludes the application of other disciplines, such as consumer law).

 

Monetization of personal data

The debate regarding the legal possibility of considering personal data as a commodity of economic value and, therefore, marketable is almost contemporary with the recognition of the relationship between personal data and the data subject, as a fundamental right of the individual. If we ignore the legal nature of this relationship, in fact, the question would find an easy affirmative answer, as information is a movable asset which, if it has economic value, can well be the subject of a commercial transaction.

Therefore, it is precisely the nature of this relationship – legally protected at the highest levels as a fundamental prerogative of the individual “data subject” – that raises the question of whether he can sell his data, in the same way as a normal commodity.

 

 

The Weople case

The Editorial of 3 October 2019 gave the news of the Weople case, when in July 2019 the Italian Privacy Authority (Garante) brought to the attention of the European Data Protection Board (EDPB) the issue relating to “Weople”, the app that promises its members a remuneration in exchange for the transfer of their personal data.

The central aspect of this operation – which raised the Garante’s request for a common position in the EDPB – “concerns the delicate issue of the” marketability “of data, caused by the attribution of a real value to personal data” .

Weople is an app through which the earnings (fully operational, 90% of the profits) – obtained through the sale to third parties of the analysis and profiling services based on the consumption data recorded in the fidelity cards issued to the same users by commercial operators – would be shared with users. The source data would be acquired by Weople, in part, through direct provision by the data subjects and in part through the exercise by delegation of portability from other economic operators.

In this case, the economic remuneration of the personal data would be clear, attributing a real “countervalue” to the personal data.