The GDPR aims to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business, and many companies, especially smaller firms, have been rushing to put measures in place in time for the May 25, 2018 deadline. For consumers the response has been mixed, some complaining about the need to re-subscribe to the mailing lists, others relived to be able to stop receiving unwanted digital messages from companies that they no longer have any interest in.
This relates to a key change as part of GDPR which means that, prior to the regulation a person could remain on a mailing list for ever, a consumer now needs to actively opt in if they want to continue receiving relentless spam / valuable updates from a given company (delete as applicable).
Within a couple of hours of GDPR going live, the BBC reports that dozens of complaints were issued against Facebook, Google, Instagram and WhatsApp. The complaints center on these four big players seeking to force “users to consent to targeted advertising to use the services.”
GDPR
The GDPR sets out seven key principles: lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality (security), and accountability. These principles should lie at the heart of your approach to processing personal data.
The general points of The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) were assessed in the Digital Journal article “European business needs to get smart about data protection.” However, there are choices that businesses need to consider in terms of practical application.
With the complaints against Facebook and others, the data privacy group noyb.eu (“None of Your Business”), which is led by activist Max Schrems, said people were not being given a “free choice” in relation to advertising targeted at them based on an analysis of their data drawn from their social media activities.
Schrems, according to The Verge, has filed lawsuits against the major technology firms which seek to fine Facebook 3.9 billion and Google 3.7 billion euro (roughly $8.8 billion in dollars). While Google and Facebook have rolled out new policies and products to comply with GDPR, Schrems contends that these policies do not go far enough.
