German DPA orders Facebook to allow users to use pseudonyms

On July 28, 2015, the Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, the Hamburg Data Protection Authority (“DPA”) adopted a decision against Facebook’s policy forbidding users to utilize pseudonyms for their accounts.

The German DPA issued an injunction against Facebook Ireland Ltd for infringement of the German Telemedia Act (Telemediengesetz), and the Personal ID Act (Personalausweisgesetz).

The order comes after Facebook blocked an account of a German citizen, and asked the owner to provide an official photo ID. Facebook then unilaterally changed the user’s profile, utilizing her real name. The owner of the profile, who did not want to use her name to avoid being contacted for business reasons, asked the DPA to intervene.

As a result, the DPA requested Facebook to allow users’ pseudonyms; stop disabling the accounts of users utilizing pseudonyms; refrain from unilaterally modifying the account to the real name of users; and stop requiring users to submit official photo identification documents for proof of identity.

According to Johannes Caspar, Hamburg Data Protection Commissioner, Facebook’s policy is against the applicable German legislation. The obligation to use real names violates the right of German citizens to use pseudonyms. The storage of digital copy of official photo IDs violates local regulations. Finally, the unauthorized modification of users’ names blatantly violates the self-determination right, as well as infringes the Federal Data Protection Act (see here). According to the Commissioner, if Facebook has an operating branch in Hamburg, it shall abide to local rules. The fact that the company’s policy does not infringe Irish law (where the company has its headquarters) does not allow it to overstep German rules.

The July 28, 2015, order is available (in German) at…

More information is available at and at…

For more info, Francesca Giannoni-Crystal

Follow us on& Like us on