Max Schrems (pictured) is a privacy campaigner who has already battled the US-EU Privacy Shield and Facebook. Today, the activist is launching legal broadsides against Apple, saying that the iPhone maker’s use of IDFA, IDentifier For Advertisers, is unlawful. Bloomberg reports that Nyob, Schrems’ organization, has lodged complaints to the data protection regulators in both Spain and Germany, saying that users did not consent to the code’s initial use.
Each iPhone comes with an individual IDFA, which behaves similarly to a browser cookie does for computers, letting third parties identify the user. The crux of Schems’ case is that, under EU law, individuals must consent to this tracking, but IDFA is activated by default inside iOS. This doesn’t relate to GDPR, but the e-Privacy Directive because, as privacy lawyer Stefano Rossetti says, Nyob is trying to avoid “endless procedures” and a long, drawn-out battle. In a statement, Nyob says that the “initial storage of the IDFA and Apple’s use of it, will still be done without the user’s consent.”
Apple’s use of IDFA has already been the subject of much gnashing and wailing this year, but on the side of the ad industry. It was originally envisioned as an opt-out system, but with the advent of iOS 14, Apple made it opt-in. Additionally, when an app was downloaded, the user would be told what was going on, and had to give express consent to its use. This upset so many advertisers that they have attempted to launch an antitrust complaint in France saying that it would be an “abuse.” Apple, notably, chose to delay the change to how it handles IDFA until 2021 to give the industries more time to adjust.
It’s not clear how seriously Apple should take a claim like this since it can point to plenty of evidence suggesting that it does take privacy seriously. But Schrems has developed a reputation as someone who can topple legal frameworks and policies made by some of the biggest and wealthiest companies in the world.