From tech giant Facebook to libraries and schools, organizations are now subject to the world’s most far-reaching data privacy regulation in a crackdown aimed at protecting people from losing control over their personal information.
It has occupied thousands of lawyers, taken years of planning and triggered billions of e-mails.
Mess up now and you can expect very little tolerance, said European Data Protection Board chair Andrea Jelinek, the Austrian in charge of policing the EU’s General Data Protection Regulation (GDPR), which took effect on Friday.
“If there are reasons to warn we will warn; if there are reasons to reprimand we will do that; and if we have reasons to fine, we are going to fine,” Jelinek, 57, told reporters ahead of the big day.
Asked about criticism that some regulators are more lenient than others, she said that “it was like that in the past, but it should not continue in the future.”
Privacy has moved from a niche topic to one of the biggest headaches for top bosses such as Facebook founder Mark Zuckerberg, who last week was grilled by EU lawmakers about how the data of about 87 million users and their friends may have been shared with a consulting firm with links to then-US presidential candidate Donald Trump’s US presidential campaign.
The pressure has been increasing on firms using or processing EU personal data in the run-up to the deadline. Privacy regulators across Europe for the first time get equal rights and responsibilities, and the same powers to mete out fines of as much as 4 percent of worldwide annual sales for serious violations.
Not everyone is willing to wait for Jelinek and regulators to flex their new powers.
Austrian lawyer Max Schrems, who has taken on Facebook many times and won a landmark EU court ruling in 2015, filed four complaints on Friday under the new rules, accusing Google, Facebook and also WhatsApp and Instagram of forcing users to agree to new privacy policies.
“Facebook has even blocked accounts of users who have not given consent,” Schrems said in an e-mailed statement. “In the end, users only had the choice to delete the account or hit the ‘agree’ button — that’s not a free choice, it more reminds of a North Korean election process.”
The 30-year-old’s group called “noyb” — for none of your business — filed what are likely the first GDPR complaints with national regulators in Belgium, France, Austria and Germany.
“We have prepared for the past 18 months to ensure we meet the requirements of the GDPR,” Facebook’s chief privacy officer Erin Egan said in an e-mailed statement. “We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information.”
Facebook’s “work to improve people’s privacy doesn’t stop on May 25,” Egan said.
EU nations will have to apply the same rules across the bloc, and give their data regulators complete independence.
“We don’t like to see any deviations which will go beyond the rules and spirit” of the rules, EU Justice Commissioner Vera Jourova said earlier in the month.
Facebook would dodge the tough new sanctions under the updated EU rules if any violations in the Cambridge Analytica case are proven because the rules do not apply retroactively.
Still, if companies “don’t stop on Friday, we can get them,” said Jelinek who leads Austria’s data privacy agency as well as board of regulators drawn from across the EU’s 28 nations.
She said she was expecting a big pile of complaints to be filed from day one of the new rules.
Regulators would “try to do our best” to deal with all complaints, she said.
She expects it would not be even two months until the first probes will be opened, but there would not be any fines right away.
Officials would not just be “popping in” to companies to slap a fine on them, she said.
“We are talking to the businesses, we have legal procedures to fulfill, we have to give them the opportunity to talk with us too,” she said.
It will be the start of a new era for everyone: “We are at the beginning of a journey, which we’re going to make together through the field of data protection,” she added.
The last few years have seen a “paradigm shift in awareness of data protection issues,” said Andrew Dyson, a lawyer at DLA Piper in London.
“You can’t open a newspaper without reading about the latest data breach, social media scandal or unethical marketing campaign. There is regulation, but it’s from a different era and increasingly looking toothless and out of date. The GDPR will reset the balance,” he said.
Companies “that get this right will establish high ethical standards, enhanced levels of consumer trust and be able to unlock the value of data,” he said. “Those who get it wrong face wrath of regulators, disgruntled customers and big constraints on digital innovation.”
Two sets of economic data released last week by the Directorate-General of Budget, Accounting and Statistics (DGBAS) have drawn mixed reactions from the public: One on the nation’s economic performance in the first quarter of the year and the other on Taiwan’s household wealth distribution in 2021. GDP growth for the first quarter was faster than expected, at 6.51 percent year-on-year, an acceleration from the previous quarter’s 4.93 percent and higher than the agency’s February estimate of 5.92 percent. It was also the highest growth since the second quarter of 2021, when the economy expanded 8.07 percent, DGBAS data showed. The growth
In the intricate ballet of geopolitics, names signify more than mere identification: They embody history, culture and sovereignty. The recent decision by China to refer to Arunachal Pradesh as “Tsang Nan” or South Tibet, and to rename Tibet as “Xizang,” is a strategic move that extends beyond cartography into the realm of diplomatic signaling. This op-ed explores the implications of these actions and India’s potential response. Names are potent symbols in international relations, encapsulating the essence of a nation’s stance on territorial disputes. China’s choice to rename regions within Indian territory is not merely a linguistic exercise, but a symbolic assertion
More than seven months into the armed conflict in Gaza, the International Court of Justice ordered Israel to take “immediate and effective measures” to protect Palestinians in Gaza from the risk of genocide following a case brought by South Africa regarding Israel’s breaches of the 1948 Genocide Convention. The international community, including Amnesty International, called for an immediate ceasefire by all parties to prevent further loss of civilian lives and to ensure access to life-saving aid. Several protests have been organized around the world, including at the University of California Los Angeles (UCLA) and many other universities in the US.
Every day since Oct. 7 last year, the world has watched an unprecedented wave of violence rain down on Israel and the occupied Palestinian Territories — more than 200 days of constant suffering and death in Gaza with just a seven-day pause. Many of us in the American expatriate community in Taiwan have been watching this tragedy unfold in horror. We know we are implicated with every US-made “dumb” bomb dropped on a civilian target and by the diplomatic cover our government gives to the Israeli government, which has only gotten more extreme with such impunity. Meantime, multicultural coalitions of US