Facebook must grant a grieving mother access to her late daughter’s profile and private messages, Germany’s highest court for civil and criminal law has ruled.
In a landmark judgment for the treatment of social media data after the owner’s death, the federal court of justice ruled on Thursday that parents can inherit the contract between their child and a social media platform in the same way they would be able to inherit physical documents such as diaries and private letters.
“From an inheritance law view, there is no reason to treat digital content differently,” the court said.
The woman at the centre of the case has been engaged in a years-long legal battle with the internet company over access to the account of her daughter, who was killed by a train at a station in Berlin in 2012.
With police unable to determine whether the 15-year-old’s death was an accident or whether she killed herself, the woman had tried to access her daughter’s Facebook profile to look at her posts and private messages.
The circumstances of the death also have a bearing on a compensation claim by the driver of the subway train involved in the incident for immaterial damage.
The parents said they had the password to their daughter’s account because she had shared it with them in return for being allowed to open one when she was 14. But when trying to log into the account, they found the profile had been put into “memorialised” mode.
According to Facebook’s terms and conditions, “memorialised accounts are a place for friends and family to gather and share memories after a person has passed away”, with the word “remembering” shown next to the person’s name on their profile.
Children and tech
Laws governing children's relationship with technology vary worldwide, and are rarely enforced. The de facto age for many online services is 13, set by the US Children’s Online Privacy Protection Act in 1998, which prevents sites from targeting children, or knowingly allowing children to provide information online without parental consent. The burden of garnering that consent and the low returns for building services for children has meant, however, that providers tended to turn a blind eye to under-13s on their sites, neither catering for them nor policing their presence.
That said, tech aimed more explicitly at children has blossomed recently, and legislation that aims to protect children from potential harm has been passed. Schoolchildren in France are barred by law from using their phones in school.
Such laws are countered by efforts on the part of companies such as Facebook and Google to attract new users while young. Facebook offers Messenger Kids, which lets children speak to contacts vetted by their parents, while Google’s YouTube has a Kids app that offers copious parental controls and the ability to filter videos for all but the most child-safe content – although the filters, which are run by an algorithm, haven’t always been successful, prompting the company to announce a human-curated version.
Proposed guidelines to improve child internet safety in the UK from the Information Commissioner’s Office in their 'Age appropriate design code' include:
- Disabling 'nudge' techniques designed to keep children online for longer like 'streaks' on Snapchat or Facebook 'likes'
- Limiting how children’s personal data is collected, used and shared by social media companies.
- Making “high privacy” the default setting for children using social media platforms, including disabling geolocation tools and targeted advertising as standard, unless there is a compelling reason not to.
- Requiring social media companies to show that all staff involved in the design and development of services likely to be used by children comply with the code of practice.
- Introducing robust age verification checks on platforms or treat all users as if they are children.
Citing data protection laws, Facebook had refused to allow the woman to access the girl’s profile, despite a Berlin court ruling in her favour in December 2015.
After an appeal by Facebook, Berlin’s highest state court sided with the company in May 2017, which left open whether parents would still be able to read their offspring’s messages but not the replies of other users.
The judgment on Thursday, which annulled the 2017 ruling, made it clear that data protection laws in this case did not cover the deceased.
In a statement, a spokesperson for Facebook in Germany said the case had revealed the complex challenges of data protection.
“We feel [for] the family. At the same time we have to ensure that personal exchanges between people on Facebook are protected. We represented a different position in this dispute, and the drawn-out court case shows how complex the matter is in legal terms,” they said.
• This article was amended on 16 July 2018. The ruling was by the federal court of justice (Germany’s highest court for civil and criminal law), not the constitutional court in Karlsruhe as an earlier version said.
