Facebook and Google accused of GDPR 'forced consent'

Adjust Comment Print

The big difference is that now, the companies will have to justify why they're collecting and using that information.

"In order to comply properly with the new regulations, companies in the enterprise tech space must demonstrate that they can put the right processes and policies in place to offer exceptional data security", he said. His lawsuit eventually brought down the Safe Harbor agreement and he's now in another lawsuit that may end up invalidating the new Privacy Shield and other loopholes American companies have found to avoid properly complying with European Union data protection laws.

And when the security of our data is breached, such as in the case of a ransomware attack, the relevant data protection authority (in the United Kingdom that's the Information Commissioner's Office) must be notified straight away.

But for some companies, the expense of making sure they comply with the new rules was simply too much.

Schrems has been fighting Facebook over data protection for nearly a decade.

By mid-morning, European readers trying to access the websites of media outlets owned by the U.S. Tronc publishing group were greeted by a message saying they were "unavailable in most European countries".

The next battleground with the company is GDPR.

The GDPR clarifies and strengthens existing individual privacy rights, such as the right to have one's data erased and the right to ask a company for a copy of one's data. The entity is chaired by Max Schrems, who as a law student brought the case against Facebook that caused the downfall of the US-EU data Safe Harbor agreement.

More news: Rare Nipah virus claims fourth family member in India
More news: Iran's top leader vows to defeat US fresh anti-Iran move
More news: Donald Trump Cannot Block People on Twitter, US Judge Rules

NPR's website is requiring visitors in Europe to agree to its tracking policy before they can enter. Well, it governs when our personal data can be lawfully collected, stored and used by others.

Testifying in front of the European Parliament leaders on Tuesday, Facebook CEO Mark Zuckerberg insisted his company would follow the new regulations.

Under the rules, companies working in the European Union - or any association or club in the bloc - must show they have a lawful basis for processing personal data, or face hefty fines.

Most online services previously tended to enable all of their data gathering checkboxes by default, because that's how they could get the most users to "agree" to that collection.

Separately Facebook and Google already face their first official complaints under the new law after an Austrian privacy campaigner accused them of effectively forcing users to give their consent to the use of their personal information.

Google and Facebook are already facing formal complaints that they're in violation of the new privacy rules, the penalty for which can be millions or even billions of euros.

The GDRP, which came in effect Friday, mandates disclosures about the way companies utilize the data of their users. He's taking legal action to ensure GDPR is properly enforced. "Is it necessary for me?" said Julian Jaursch, of the Digital Society.

- A solicitor said she had received numerous calls from people asking if they would be in breach of the law by passing her details to a colleague/friend/business associate looking for personal data advice.