General Data Protection Regulation (GDPR) has finally come into effect in Europe, two years after it was formulated as a means to protect the online privacy of EU citizens.
Google, Facebook Accused Of Violating European Privacy Law: GDPR
Facebook and Google have become the targets of the first official complaints of GDPR noncompliance, filed on the day the privacy law takes effect across the EU.
So what are Facebook and Google allegedly doing to violate the GDPR?
Privacy advocates in Europe say that instead of adhering to the letter of the law, companies aren’t really giving consumers a choice; you can either agree to let Facebook and Google collect enormous amounts of data on you, or you can delete their services. There is no middle ground.
This is it.
Today, our EU #DataProtection rules enter into application, putting the Europeans back in control of their data.
Europe asserts its digital sovereignty and gets ready for the digital age.
Read our statement → https://t.co/P19IRPWfqv #GDPR pic.twitter.com/hwCKSj2TjE
— European Commission 🇪🇺 (@EU_Commission) May 24, 2018
The complaints about Google, Facebook and Facebook’s subsidiaries come from a group called None Of Your Business (NOYB)—a non-profit founded by the very successful serial Facebook litigant Max Schrems. To understand why the cases were filed, one has to know how the new regulations work in the first place. GDPR only allows companies to access user-data if they have valid legal grounds to do so, including court orders or voluntary consent. It is this second aspect that they are now being accused of misusing, with Schrems accusing the companies of providing users with a false choice.
The GDPR threatens companies with massive fines for breaking its many terms—up to €20 million ($23.4 million) or 4% of global revenues, whichever is bigger. While these are big, scary figures, though, it is deeply unlikely that fines will be that high in any but the most egregious cases.