First Day of GDPR - Google, Facebook, WhatsApp and Instagram Face Lawsuit of Multi Billion Dollars

Europe’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018, Friday and technology leaders Google, Facebook, WhatsApp, and Instagram are already facing multi-billion dollar lawsuits for failing to comply with the regulation. On behalf of unnamed individuals affected by products such as Facebook, WhatsApp, Instagram, and Google’s Android operating system, pro-privacy advocate Max Schrems, an Austrian lawyer, filed the 3.9 billion euro lawsuit against Facebook and 3.7 billion euro lawsuit against Google. The total lawsuit sums up to approximately $9 billion.

Max has been a long-time critic of Facebook. According to him, the company has violated a provision of GDPR by compelling users to provide consent to share their personal data, and that the company has gone as far as blocking accounts of users who have not given consent. “In the end users only had the choice to delete the account or hit the agree button, that’s not a free choice, it more reminds of a North Korean election process,” he said in a statement published on TechCrunch.

This Tuesday, Facebook CEO Mark Zuckerberg, speaking at the Paris VivaTech conference defended the company’s advertising practices, arguing that the vast majority of people choose to opt in to make it, so that Facebook can use the data from other apps and websites that they are using to make advertisements better. However, Mark didn’t go as far as offering users a choice on declining advertising, and the only option right now is quitting the network.

Users filed a similar lawsuit against Google alleging that the company is forcing them to share their personal data to be able to use an Android device. Both Google and Facebook have refused to accept the allegations of GDPR non-compliance and violations, stating that they are fully in agreement and compliance with the new regulation. According to a Google spokesperson, they build privacy and security into their products from the very initial stages.

Facebook’s Chief Privacy Officer Erin Egan wrote in a statement sent to various media publications that they have made their policies clearer, their privacy settings easier to find and introduced better tools for people to access, download, and delete their information. Erin further highlighted that the company had been preparing for GDPR for the last 18 months and that their work to improve people’s privacy doesn’t stop on May 25. He went on to clarify that Facebook is building Clear History, a way for everyone to see the websites and apps that send the company information when a user uses them, clear this information from the user account, and turn off Facebook's ability to store it associated with the user account going forward.

In case, the allegations prove true, Google and Facebook stand to lose even more money, as regulators can impose a penalty of up to four percent of global revenue. The tough privacy laws have even forced some companies, like Pinterest-owned Instapaper, to temporarily shut down until it can comply. At this point, it’s hard to say if European regulators will impose strict penalties for first-time offences considering that GDPR just became effective.

Experts believe that enterprises may not immediately make billions of penalty payments. However, if any corporate is found to have intentionally violated the GDPR, a corresponding penalty under GDPR should be imposed. Since your data is the most important asset for your business, so implementing best practices for Data Security and Protection will ensure compliance with GDPR, keeping your company safe and protected.