As Europe’s tough new online privacy rules took effect Friday, lawsuits were filed almost immediately against several social media giants.
Facebook, Google, WhatsApp and Instagram have been sued for not being in compliance with Europe’s General Data Protection Regulations, CNN reported.
The lawsuits seek about $8.8 million combined from Facebook and its subsidiaries Whatsapp and Instagram, and from Google, The Verge reported.
“We’re looking for big companies that really willfully violate the law, that kind of try to ignore it and try to get away with it,” said Austrian lawyer Max Schrems.
Schrems filed suit against Facebook in Austria, against Whatsapp in Germany, against Google in France and against Instagram in Belgium.
The advent of Europe’s GDPR brought a deluge of privacy notices to users.
Schrems said that although Facebook and Google have adjusted their privacy policies, the changes do not go far enough to meet the terms of GDPR.
“(A)nything strictly necessary for a service does not need consent boxes,” he said, according to Britain’s The Register. “For everything else users must have a real choice to say ‘yes’ or ‘no.'”
Under GDPR, users must grant explicit consent for company’s to use their data. Users can also request their data from the tech giants and demand that data be deleted.
“Facebook has even blocked accounts of users who have not given consent,” Schrems said, according to CNBC. “In the end, users only had the choice to delete the account or hit the ‘agree’ button — that’s not a free choice, it more reminds (me) of a North Korean election process.”
The law allows fines that can hit 4 percent of global annual sales for each time a company breaks the rules.
“There is no grace period,” James Dipple-Johnstone, deputy commissioner of Britain’s data protection authority. “We will be looking at the algorithms they use to profit off data to make sure they are fair.”
The new rules require that users be able to opt out of giving up personal information. Schrems claimed tech giants violate that rule by having policies that offer an all-or-nothing choice instead of giving users options.
Michael Veale, a Technology Policy Expert at University College London, said that Facebook can still glean information that users may not want to share.
“Facebook has trackers on 40 percent of websites that are visited in the world,” Veale said. “So really, Facebook can infer things from the great amount of data it has about you from across your mobile devices and apps that also send data to Facebook. The law forbids Facebook from making these inferences without explicit consent.”
Facebook, however, sees things differently.
“We have prepared for the past 18 months to ensure we meet the requirements of the GDPR,” said a statement from Erin Egan, Facebook’s top privacy official. “We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download and delete their information.”
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.