Read

Search form

How Europe's 'Breakthrough' Privacy Law Takes on Facebook and Google

How Europe's 'Breakthrough' Privacy Law Takes on Facebook and Google
Fri, 4/20/2018 - by Olivia Solon
This article originally appeared on The Guardian

Despite the political theatre of Mark Zuckerberg’s congressional interrogations last week, Facebook’s business model isn’t at any real risk from regulators in the US. In Europe, however, the looming General Data Protection Regulation will give people better privacy protections and force companies including Facebook to make sweeping changes to the way they collect data and consent from users – with huge fines for those who don’t comply.

“It’s changing the balance of power from the giant digital marketing companies to focus on the needs of individuals and democratic society,” said Jeffrey Chester, founder of the Center for Digital Democracy. “That’s an incredible breakthrough.”

Here’s a simple guide to the new rules.
 

What is GDPR?

It is a regulation that requires companies to protect the personal data and privacy of residents of EU countries. It replaces an outdated data protection directive from 1995 and restricts the way businesses collect, store and export people’s personal data.

“Consumers have been abused,” said David Carroll, an associate professor at Parsons School of Design in New York. “Marketers have succeeded in making people feel powerless and resigned to getting the short end of the bargain. GDPR gives consumers the chance to renegotiate that very unfair deal.”
 

Does it only affect European companies?

No. It applies to all companies that process the personal data of people residing in the European Union.
 

What counts as personal data?

Any information related to a person that can be used to identify them, including their name, photo, email address, IP address, bank details, posts on a social networking site, medical information, biometric data and sexual orientation.
 

What new rights do people get?

Under GDPR, people get expanded rights to obtain the data that a company has collected about them for free through a “data subject request”. People will also have the “right to be forgotten”, which means companies must delete someone’s data if they withdraw their consent for it to be held. Companies will only be able to collect data if there’s a specific business purpose for it, rather than collecting extra information at the point of sign-up just in case.

“It makes companies become much more thoughtful and rigorous about the data they collect and what they use it for,” Carroll said.

Companies will have to replace long terms and conditions filled with legalese with simple-to-digest consent requests. It must be as easy to withdraw consent as to give it. Finally, if a company has a data breach, it must inform users within 72 hours.

“What makes this a potential game changer is the amount of power it places into the hands of the public,” said attorney Jason Straight, who is chief privacy officer at legal services company UnitedLex.
 

What about people outside of Europe?

Although it only applies to residents of the EU, the new rules will probably put pressure on companies to offer further protections for the rest of their users. Facebook, for example, has pledged to .

“This will be good for everyone,” said Kris Lahiri, co-founder at the cloud-sharing company Egnyte, pointing out that global customers will demand the same rights as their European counterparts.
 

Which companies have the most work to do?

The big data-hungry technology platforms like Amazon, Google and Facebook and advertising technology companies such as Criteo, whose technology powers those ads featuring products you’ve browsed online that follow you around the internet.
 

What is Facebook doing to comply?

Having said it would follow GDPR “in spirit”, Facebook’s actions tell a different story. On Wednesday Reuters reported that the company would change its terms of service so that its 1.5 billion non-European users would no longer be covered by the privacy law. Until now, all users outside of the US and Canada have been governed by terms of service agreed with the company’s international headquarters in Ireland. Since any user data processed in Ireland will soon fall under GDPR, Facebook is changing the agreement so users in Africa, Asia, Australia and Latin America are governed by more lenient US privacy laws.

Where it needs to comply with GDPR, Facebook seems to have focused its efforts on getting user consent for its data collection practices (including facial biometric data) rather than reducing the data it collects. It has developed a sequence of consent requests that explicitly outline how each type of data will be used. However, as TechCrunch highlighted, the company has designed these requests in a way that makes it harder to opt out than opt in.
 

What about startups who don’t have the same resources?

Complying with GDPR may be a little onerous for companies that don’t have the engineering resources of Facebook or Google. According to a PwC survey, 68% of US companies expect to spend between $1 million and $10 million to comply with GDPR.

And there’s another way they’ll get stung: GDPR consultants charging enormous fees for patchy advice.
 

What are the penalties for companies that don’t comply?

Companies can be fined up to 4% of annual global revenue, but it will come down to how regulators in individual countries choose to enforce the law.
 

When does it come into effect?

The twenty-fifth of May 2018. That’s too early for some: “There’s a panic mode setting in as everyone is getting closer to this deadline,” said Lahiri.
 


Originally published on The Guardian

Sign Up

Article Tabs

Fearless Cities, municipalist radicalism, urban power, radical democracy, Spanish municipalism, xenophobia, migrants welcome,

Looking at the growing municipalist movement on display at Fearless Cities, it's useful to think of it as a network movement, where every city is looking to build autonomy locally while thinking globally.

This week on Act Out!, we sit down with Jen Deerinwater to discuss the colonialist paradigm, anti-native behaviors in the everyday, and two-spirits in a singular world.

Heathrow Airport expansion, Heathrow runway, carbon emissions, environmental costs, U.K. airport jobs

UK government figures forecast that if a third runway is developed at Heathrow, aviation CO2 emissions will rise by 7.3 million tons by 2030.

ocean pollution, plastics pollution, consumerism, recycling, ocean garbage patch

Every minute, an amount of plastic equal to a full garbage truckload is deposited in our oceans. That is set to increase tenfold by 2020, and by 2050, the weight of all the plastic in the oceans will exceed the weight of all the fish.

astroturfing, fake movements, Koch brothers, Entergy New Orleans, gas power plants, paid protesters, Tea Party

In a textbook case of astroturfing, the sub-contractor of a local power utility in New Orleans paid people to act as supporters of a proposed $200 million gas-fired power plant.

Paid Off

TruTV’s student debt-themed game show is an admirable concept. That doesn’t make it any less horrifying to watch.

Fearless Cities, municipalist radicalism, urban power, radical democracy, Spanish municipalism, xenophobia, migrants welcome,

Looking at the growing municipalist movement on display at Fearless Cities, it's useful to think of it as a network movement, where every city is looking to build autonomy locally while thinking globally.

Donald Trump, Vladimir Putin, Russia election meddling, Trump Russia collusion

With a summit ahead, Trump works with Putin to cover up Moscow’s attack on the US.

Former U.S. Treasury Secretary Timothy Geithner discusses his book Stress Test: Reflections on Financial Crises during the Politico Playbook Lunch at The Hamilton May 19, 2014 in Washington, D.C. (Photo: Chip Somodevilla/Getty Images)

"Your economy, rigged to redistribute wealth to the top." Geithner's private equity firm Warburg Pincus mass-mails loan checks to low-income Americans, hides exorbitant interest rates in the fine print, and quickly sues those who fail to repay the loan and interest in time.

This week on Act Out!, we sit down with Jen Deerinwater to discuss the colonialist paradigm, anti-native behaviors in the everyday, and two-spirits in a singular world.

Fearless Cities, municipalist radicalism, urban power, radical democracy, Spanish municipalism, xenophobia, migrants welcome,

Looking at the growing municipalist movement on display at Fearless Cities, it's useful to think of it as a network movement, where every city is looking to build autonomy locally while thinking globally.

Posted 3 days 8 hours ago
Hundreds of white nationalists, neo-Nazis, and members of the “alt-right” march during the “Unite the Right” rally on Aug. 12, 2017, in Charlottesville, Va. Photo: Chip Somodevilla/Getty Images

Just because white supremacist rallies cannot and will not be banned by the state does not mean they should proceed without opposition.

Posted 5 days 7 hours ago
Former U.S. Treasury Secretary Timothy Geithner discusses his book Stress Test: Reflections on Financial Crises during the Politico Playbook Lunch at The Hamilton May 19, 2014 in Washington, D.C. (Photo: Chip Somodevilla/Getty Images)

"Your economy, rigged to redistribute wealth to the top." Geithner's private equity firm Warburg Pincus mass-mails loan checks to low-income Americans, hides exorbitant interest rates in the fine print, and quickly sues those who fail to repay the loan and interest in time.

Posted 3 days 9 hours ago
Heathrow Airport expansion, Heathrow runway, carbon emissions, environmental costs, U.K. airport jobs

UK government figures forecast that if a third runway is developed at Heathrow, aviation CO2 emissions will rise by 7.3 million tons by 2030.

Posted 5 days 5 hours ago
ocean pollution, plastics pollution, consumerism, recycling, ocean garbage patch

Every minute, an amount of plastic equal to a full garbage truckload is deposited in our oceans. That is set to increase tenfold by 2020, and by 2050, the weight of all the plastic in the oceans will exceed the weight of all the fish.

Posted 5 days 21 hours ago
Hundreds of white nationalists, neo-Nazis, and members of the “alt-right” march during the “Unite the Right” rally on Aug. 12, 2017, in Charlottesville, Va. Photo: Chip Somodevilla/Getty Images

Just because white supremacist rallies cannot and will not be banned by the state does not mean they should proceed without opposition.

The world is not only facing climate “change,” we are facing a climate crisis. For 30 years, scientists have warned that we were changing the climate. Now those predictions are coming true with a vengeance.

Dodd-Frank Act, Glass-Steagall Act, financial speculation, Wall Street greed, bank regulations, too big to fail

Eliminating the bill was a top priority for Trump. So why did any Dems vote for it?

This week on Act Out!, we sit down with Jen Deerinwater to discuss the colonialist paradigm, anti-native behaviors in the everyday, and two-spirits in a singular world.

Former U.S. Treasury Secretary Timothy Geithner discusses his book Stress Test: Reflections on Financial Crises during the Politico Playbook Lunch at The Hamilton May 19, 2014 in Washington, D.C. (Photo: Chip Somodevilla/Getty Images)

"Your economy, rigged to redistribute wealth to the top." Geithner's private equity firm Warburg Pincus mass-mails loan checks to low-income Americans, hides exorbitant interest rates in the fine print, and quickly sues those who fail to repay the loan and interest in time.