Facebook and Google have been hit with a barrage of lawsuits on the first day of GDPR enforcement. The lawsuits accuse the companies of constraining users into sharing their personal data. Filed by Austrian privacy activist Max Schrems, a steadfast cynic of the two companies’ data collection practices, the lawsuits seek to fine Google 3.7 billion euro and Facebook 3.9 Billion Euro (approx. a staggering $8.8 billion USD, collectively).
Interestingly, the lawsuits have been broken up into specific products, while one was filed against Facebook, two others were against its WhatsApp and Instagram subsidiaries. A fourth lawsuit was filed against Google’s prized Android operating system.
GDPR or General Data Protection Regulation (GDPR) addresses the export of personal data outside the EU besides being a regulation in EU law on privacy and data protection for all individuals within the European Union.
Despite the fact that both Google and Facebook have introduced new policies and products for complying with GDPR, Schrems’ complaints argue the new policies aren’t suffice.
Particularly, one complaint singles out how many companies slyly obtain consent for the privacy policies by asking users to check a box to fully access their services. The complaint argues that such practices leave the users with an all-or-nothing choice which is in direct violation of the GDPR’s provisions viz. particularized consent.
Both the tech giants have contested the charges, arguing that “existing measures” were enough to meet GDPR requirements.
Meanwhile, Google released a statement saying, “We build privacy and security into our products from the very earliest stages and are committed to complying with the EU GDPR.” Facebook, too, offered a defense on similar lines, saying, “We have prepared for the past 18 months to ensure we meet the requirements of the GDPR.”