GDPR is finally here, and it's already chaos

Austrian data privacy activist Max Schrems is quick off the mark and is already taking Facebook and Google to task under GDPR. The GDPR is aimed at protecting personal data and empower users to demand that companies have to come clean on personal data that they have or delete it.

Another big part of the regulations is that companies must have a lawful reason for collecting or processing any data.

"These authorities will forward them to the Irish Data Protection Commission, as provided for in the GDPR, if appropriate", said the spokesman.

Some companies will already have GDPR compliant forms of marketing consent.

Over the past few weeks, you may have noticed that most of the companies to which you've subscribed in the past have started sending you emails to agree to their new data processing terms.

Some American news publishers are struggling with Europe's new stringent privacy rules.

A report by the Ponemon Institute, which was published last month and examined more than 1,000 companies in the U.S. and European Union, found that two in five (40 per cent) thought they would not be entirely compliant until after 25 May, while a further 8 per cent said they did not know when they would be compliant. Under the right circumstances, you can even request to have your account deleted.

"Cultural differences around the world mean people use a seemingly similar site like Facebook in different localised ways".

Other companies may have simply warned you that their terms have changed and that you don't need to do anything beyond that. Google is embedding video (from its YouTube service, of course) to further explain the concepts. The intention of the European Union politicians wasn't to allow companies to claim that any data whatsoever can be called a "legitimate interest".

People in the bloc have been bombarded with dozens of emails asking for their consent to keep processing their data, and a privacy activist wasted no time in taking action against USA tech giants for allegedly acting illegally by forcing users to accept intrusive terms of service or lose access.

'You will also have more opportunities to make a claim for damage caused by the misuse of your data'.

Companies must keep evidence or documentation of having done such assessments and mitigate data breach risks. "Starting today, organisations must take a positive and ethical approach to advertising and customer personalisation that will rebuild and then strengthen the relationship with customers".

Studies suggest that many companies are not ready for the new rules. Breaches of some provisions of the new rules can result in fines of up to €20 million or 4 percent of a business' total worldwide turnover for the previous year. Until now, there has been little incentive for companies to protect customers' personal information.

Note that the rules are different depending on the data in question. "Companies need clarity to be able to safely extend operations across the EU".

Meanwhile, thousands of complaints have been filed against Facebook, WhatsApps, Instagram and Google hours after the new European Union data laws were implemented.

You've probably heard a lot about it (or at least ignored it) in your inbox, but today's the day!

Facebook CEO Mark Zuckerberg, for instance, promised "global settings and controls" for users during his USA congressional testimony in April, but was otherwise vague on the subject.

Facebook said it was committed to transparency and providing people with control over how their data is used. "Companies that have been making money from our data, have more responsibilities", Vera Jourova, Europe's top justice official, said Thursday.

  • Zachary Reyes