EU's Strict Privacy Law Still Has Unclear Applications: Expert

Advertisement
Advertisement

While the General Data Protection Regulation went into effect in the European Union late last month, its real-world applications remain largely unclear and will only be identified with time, according to Travis Jarae, Chief Executive Officer of identity research and strategy firm One World Identity. The cybersecurity veteran told AndroidHeadlines that many unknowns remain following the introduction of GDPR; among other things, it remains to be seen how often will European authorities conduct compliance audits and what kind of fines can be expected. The new legislative framework allows for penalties reaching up to two percentage points of any individual violator's annual revenue, which would translate to billions of dollars in case the likes of Google and Facebook are found guilty of related transgressions.

Both of the world's largest advertising giants have already been targeted by day-one GDPR complaints which are likely to be the first major test for the new regulation. While the in-depth rulebook deals with a wide variety of data collection and management practices, as well as use cases, its main point is to ensure digital companies handle personal user information in a manner that values "lawfulness, fairness, transparency, accuracy,
and data minimization," Mr. Jarae said. Transparency is a particularly important aspect of GDPR as users are now able to request data any internet firm has on them and receive it in an accessible form, whereas the regulation also applies outside of the European Union and protects the political bloc's residents and nationals traveling abroad.

"For now, one of the best things consumers in the EU can do is exercise their rights," Mr. Jarae believes, adding that GDPR may not amount to much if individuals don't take their online privacy seriously as such indifference may lead to many violators going unpunished. The aforementioned complaints against Google and Facebook are now seeking to prevent the digital giants from forcing consent through service bundles and will almost certainly only be resolved in the court of law, according to OWI's CEO.

Advertisement