It took only one day for complaints to be filed against Google and Facebook under the new General Data Protection Regulation (GDPR). When Mark Zuckerberg testified in front of members of the European Parliament, he insisted that Facebook was ready for Friday the 25th when the GDPR, which is the European Union’s new strict data privacy going into effect. The very first day, complaints against Facebook and Google with others alleging that the tech companies are in violation of the law.
The GDPR was passed in April 2016 and instituted stringent new rules on any company that held consumer data. The real purpose of this is to prevent mass mailing and targeting people for political purposes. You have people like Clapper now claiming he “personally” believes Russia tipped the election because millions of people saw its propaganda. Of course, Clapper did that to other elections outside the USA besides tapping phones of world leaders including Merkel. The old problem is those in government have always assumed the people are stupid sheep because they have lied to them for decades and gotten away with it. The GDPR is all about trying to prevent real freedom of speech in fear that the people might listen and rise up.
The complaints target the user agreements of Google and Facebook which are notorious for being long and complicated to ensure people do not read everything before they click agree. Companies like Facebook and Google are supposed to let you know precisely what kind of data they’re collecting and/or selling about you.
The Facebook owns WhatsApp and Instagram individually as well. The allegations against Facebook and Google claim they are violating the GDPR because they are adhering to the letter of the law and not the “spirit” of the law. That’s what lawyers are for. They alleged that the companies aren’t really offering consumers a choice. You must agree to let Facebook and Google collect enormous amounts of data on you, or you can delete their services. There is no middle ground. It is their way or the highway!
The GDPR expressly allows any data processing that is strictly necessary for the service. However, using the data additionally for advertisement or to sell it on to other companies requires the users’ free opt-in consent. There has been no change to their policy providing “informed consent” about what kind of data Facebook and Google are collecting. Clearly, they are profiling people gathering information that they do not actually “need” to provide their services. GDPR actually exempts collecting data that is really necessary for providing that service and that does not require consent. Go beyond that and anything else requires a free “yes” or “no” option.
The real pro at this tactic is of course government itself. The freedom to travel is limited not just by requiring a passport, but you cannot use a car unless you obtain a drivers license. There is no “choice” in this matter. You consent to get a license or you walk. Just about every other registration process involves the surrender of constitutional rights. For example, you have to register with the SEC or CFTC to get a license in the financial world. However, part of that process is you are “waiving” your rights to search warrants and self-incrimination. A regulator need not go to court to come into your office and audit you. So the license is their way or the highway the same policies being imposed and followed by Google and Facebook. We wonder where they got the idea from?
Both Google and Facebook have stated publicly that they have prepared to be compliant under GDPR. The question turns on their: “you agree or get lost policy”. Both Google and Facebook are in fact adhering to the letter of the law. The GDPR doe not PROHIBIT this policy of consent or get lost. So they are not really in violation. This will be interesting to watch.