Happy GDPR Day! Google, Facebook hit with $8.8 billion in lawsuits

Facebook and Google at top of GDPR complaints list

Lenders ready for EU data rule: Koo

The reason for this is that the European Union has passed sweeping new online privacy regulations, and the rules will give EU residents greater control over their online data.

"Facebook gave users the choice of deleting the account or pushing a button [to agree], that is blackmail, pure and simple".

For weeks, businesses as varied as Uber, bike shops and restaurants have been sending notes to alert people to updated privacy policies as a result of the law, known as GDPR.

Several firms experienced real-world problems over complying with the EU laws, with USA newspapers owned by the Tronc group, formerly known as Tribune Publishing, saying that they were blocked to Europeans for now.

Facebook Inc (NASDAQ:FB) could once again find itself in hot water with regulators, this time due to new privacy regulations in Europe.

It adds that the company is trying to "identify technical compliance solutions that will provide all readers with our award-winning journalism".

The decision illustrated that some companies would prefer to lose European customers than risk being hit with the stiff penalties allowed under the new law: Fines can reach 4 percent of global revenue.

British attorney Gabriel Voisin, whose firm Bird & Bird revised 500 online privacy policies over the last two years to check their GDPR compliance, said on Wednesday that his team was still working overtime with 50 websites in "a flurry of last minute adjustments".

GDPR also restricts the data that can be collected by companies to only that information which is necessary for the company to provide their services.

That said, the GDPR's collective redress provision is a component that Member States can choose to derogate from, which helps explain why the first four complaints have been filed with data protection agencies in Austria, Belgium, France and Hamburg in Germany - regions that also have data protection agencies with a strong record defending privacy rights. In GDPR legal language, a data subject is a person, and they have the right to make certain requests on "Data Controllers", which are the people or organizations that store data about the subject.

A Google spokesperson said: "We build privacy and security into our products from the very earliest stages and are committed to complying with the EU General Data Protection Regulation".

"We've been cooking for the past 18 months to make sure we meet GDPR requirements", said Erin Egan, who is in charge of personal data protection on Facebook. For instance, if this had happened previous year, Google's parent company, Alphabet would have been charged to pay $4.4 billion, while Facebook's fine would be $1.6 billion. Additionally, the suits argue that the data the services collect - using questionable consent practices - is not strictly necessary for the service being pitched. The worst case for Google and advertisers would be users refusing to allow sharing of their personal data.

The European law on data privacy has come into force from today, May 25, 2018. It also addresses the export of personal data outside the European Union and EEA. The new consent flow Facebook revealed ahead of GDPR only offers the "choice" of quitting Facebook entirely if a person does not want to accept targeting advertising.

The law says individuals must explicitly grant permission for their data to be used.

Latest News