Facebook and Google hit with privacy lawsuits right as GDPR takes effect
Immediately after Europe’s sweeping General Data Protection Regulation went into effect this morning, a privacy group has filed lawsuits against Facebook Inc. and Google Inc. over alleged violations of the law.
The stakes in the legal battle to follow could be high. GDPR violations carry a maximum fine of either 20 million euros or 4 percent of a company’s total annual revenue, whichever is higher. This would amount to billions of dollars in the case of Facebook and Google.
The organization that filed the suits, Noyb, is an nonprofit led by prominent Austrian privacy advocate Max Schrems. The group argues that the way the two giants giants secure users’ agreement to collect their personal data violates GDPR provisions against “forced consent.” In particular, the complaints focus on the companies’ practice of making access to their platforms dependent on users accepting their terms of services.
Schrems didn’t mince words in describing his view of this practice. “Facebook has even blocked accounts of users who have not given consent,” he said in a statement. “In the end users only had the choice to delete the account or hit the agree button – that’s not a free choice, it more reminds of a North Korean election process.”
The question at the heart of the matter is whether or not collecting personal data, which Google and Facebook use to serve up targeted ads, is strictly needed for their services. Noyb believes that the answer is no. The group argues that GDPR consequently requires the companies to secure users’ “free consent” in order to use the information.
“It’s simple: Anything strictly necessary for a service does not need consent boxes anymore. For everything else users must have a real choice to say ‘yes’ or ‘no,’” Schrems said.
During a recent talk in Paris cited by TechCrunch, Facebook Chief Executive Officer Mark Zuckerberg said that his company hasn’t had to make major changes to comply with GDPR because “giving people control of how their data is used has been a core principle of Facebook since the beginning.” This might provide a clue as to the stance the social network will take in addressing Noyb’s lawsuits.
Facebook Chief Privacy Officer Erin Egan said in a statement that “we have prepared for the past 18 months to ensure we meet the requirements of the GDPR. We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information. Our work to improve people’s privacy doesn’t stop on 25 May.”
Google, in turn, commented that “we build privacy and security into our products from the very earliest stages and are committed to complying with the EU general data protection regulation. Over the last 18 months, we have taken steps to update our products, policies and processes to provide users with meaningful data transparency and control across all the services that we provide in the EU.”
Noyb has filed a total of four complaints against Google, Facebook, WhatsApp and Instagram. The group submitted the complaints to authorities in Austria, Belgium, France and Germany, countries known for taking a tough stance on privacy. On its website, Noyb said Ireland’s Data Protection Commissioner will likely get involved as well since that’s where Facebook’s European headquarters are located.
“It’s not surprising that the big tech companies are the first to face problems now that the GDPR is in effect,” commented Brian Vecci, a technical evangelist at cybersecurity company Varnois Systems Ltd. “They have the most data about the most people and their business depends on it—they were always going to get hit first and potentially hardest.”
Many organizations, he added, have taken a wait-and-see approach to the GDPR, “betting that they can fly under the radar for a while and save some money by not having to change much about how they secure this kind of data and keep it private. While many companies aren’t yet fully compliant, the ones that have taken clear steps will likely see far more lenient penalties for violations.”
Image: Pixabay
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU