In the case of massive tapped user data on Facebook, the Higher Regional Court of Hamm made a first leading decision. The judges certified that Facebook violated data protection regulations, for which the parent company Meta had to be liable – but the complaining user went away empty-handed. The court announced on Wednesday that she was unable to demonstrate the damage she had suffered as a result of the data theft. There are many almost identical lawsuits throughout Germany. For the first time, a higher regional court has dealt with the issue in what is probably the last instance.

Years ago, unknown persons had exploited a friend search function on the social network and thus tapped data from around 500 million users – including names and telephone numbers.

The judges in Hamm were convinced that Facebook violated data protection regulations. When the data theft became known, Meta also “did not take obvious measures to prevent further unauthorized data access” despite concrete knowledge, the judges criticized. However, the affected users would only be entitled to compensation if the data theft had resulted in a “personal or psychological impairment”.

The verdict is not yet legally binding. However, the court did not allow an appeal.