Facebook Inc. scored a court victory in Germany in a dispute with a local data regulator over which nation’s laws apply to its European operations.
The administrative court for Schleswig-Holstein suspended enforcement of an order saying Facebook must let users register under a pseudonym. The order is most likely illegal and shouldn’t apply while Facebook fights it, the court said on a statement on its website today.
“The regulator wrongfully based its order on German data protection law,” the judges said. “Irish data protection law exclusively applies,” because Facebook handles the data in Ireland.
Facebook has been fighting orders from German regulators, arguing it’s only subject to Irish law which is generally less strict then German privacy rules. Facebook Ireland, in Dublin, is responsible for all the Palo Alto, California-based company’s users outside the U.S. and Canada.
Thilo Weichert, the state regulator who issued the pseudonym order, said he will appeal the ruling. German law clearly backs his order, he said in a statement on his website. Companies shouldn’t be allowed to withdraw to a European member state with “low data protection standard,” according to his statement.
European rules say German law doesn’t apply if the data is processed by a branch in another EU member state, the court said. Facebook’s German unit only works in marketing and sales and thus can’t trigger the application of German data protection law, the judges said.