News

Social Network Impersonator Fined by Spanish Data Protection Authority In New Exercise of Regulatory Authority

02 November 2011
Image
Image

On October 20th, the Spanish Data Protection Authority, the Agencia Espanola de Protecccion de Datos (AEPD), announced an unprecedented decision against an individual who impersonated someone on a social networking site and thus engaged in identity theft.  The AEPD fined the individual who had created a profile in a sexually-oriented social network using personal details of a third person, including that person’s name, surname, phone number, and photo.  Notably, the AEPD did not  proceed against the online host of the impersonator’s content.

The impersonation was found to be a processing of the impersonated individual’s personal data without his/her consent, constituting an infringement of the Spanish Data Protection Act 15/1999, of 13 December 1999.  While online impersonation has been the subject of judicial actions in Spain, this was the first exercise of the regulator’s authority under the data protection law. 

Online impersonation, especially of celebrities, is commonplace on web sites and social networks.  This new decision by the AEPD offers a new avenue of recourse for impersonated people and one that, given the substantial fining ability of the AEPD, should give pause to those contemplating impersonation.

The decision also may suggest that social networking sites and other hosts of impersonators’ content may not be the target of the AEPD’s enforcement actions, since in the recent action, the DPA went directly after the impersonator and not the host site of the impersonator’s content.

The Decision of the Spanish Data Protection Agency is published in Spanish and can be found here.

 

Authored by Pablo Rivas and Marta Jaureguizar

Contacts

bio-image

Eduardo Ustaran

Partner

location London

View more

Related topics

Related countries

Load more

Related keywords

Load more

Articles you may be interested in

image_1
News

EU Commission seeks stakeholder contributions to shape guidelines on GPAI models

25 April 2025
image_1
Insights and Analysis

End-to-end encryption: obstacle or pillar of national security?

07 April 2025
image_1
News

Latombe Case: First hearing for annulment of the EU-U.S. Data Privacy Framework

02 April 2025
image_1
News

Connected vehicles: CNIL’s consultation promotes driver’s consent over fraud and car theft

01 April 2025
image_1
News

Streamlined BCR approval: Understanding the EDPB's updated procedure

31 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | What it means for connected products and related services

27 March 2025
image_1
News

Gender and GDPR: does the right to rectification override civil registry records?

25 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | Impact on cloud providers and cloud users

20 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | What you need to know

13 March 2025
left_arrow
right_arrow

Search

arrow
arrow

Register now to receive personalized content and more!

 

Register
close
See benefits
Register