 |
| Facebook chief Mark Zuckerberg tells the US House Committee on Energy and Commerce how the company will boost personal data protection as the EU's General Data Protection Regulation (GDPR) comes into effect May 25 (AFP Photo/ SAUL LOEB) |
Brussels (AFP) - New European Union data protection laws take effect on May 25 to protect users' online information, in what Brussels touts as a global benchmark after the Facebook scandal.
The laws
will cover large tech companies like Google, Twitter and Facebook that use
personal data as an advertising goldmine, as well as firms like banks and also
public bodies.
One major
change is that consumers must explicitly grant permission for their data to be
used, while they can also specifically ask for their personal information to be
deleted.
Firms face
huge fines of up to 20 million euros ($24 million) or four percent of annual
global turnover for failing to comply with the EU's General Data Protection
Regulation (GDPR).
"It's
your data -- take control," the European Commission, the EU's executive
arm, urges the bloc's 500 million citizens in guidelines for the new rules.
The case
for the new rules has been boosted by the recent scandal over the harvesting of
Facebook users' data by Cambridge Analytica, a US-British political research
firm, for the 2016 US presidential election.
Facebook
chief Mark Zuckerberg told US lawmakers last month the firm plans to fall into
line with the EU rules as it seeks to rebuild its reputation after the breach,
which affected 87 million users.
'Living
in a jungle'
The scandal
has proved a godsend for the EU.
EU Justice
Commissioner Vera Jourova told AFP in an interview that the incident fueled
"a campaign" for the new European law in a way that she could never
have done.
She said
the EU was setting a global benchmark for data protection as many Americans who
once criticised Europe as too set on regulation now see the need for the GDPR.
 |
European
Justice Commissionner Vera Jourova faces the press ahead of the
May 25 coming
into force of the bloc's General Data Protection Regulation (AFP
Photo/Emmanuel
DUNAND)
|
The
Facebook scandal showed "that we really are living in the kind of jungle
where we are losing ourselves," the Czech commissioner added.
But not
everything has run smoothly.
At least
eight of the 28 EU countries will not have updated their laws by May 25.
The lack of
preparedness comes despite the fact that the new laws were officially adopted
two years ago, with a grace period until now to adapt to the rules.
This
"will create some legal uncertainty," Jourova said, blaming countries
for neglect rather than resistance to the law.
Facebook,
WhatsApp, Instagram and Twitter have all started in the last few weeks to alter
their terms of use, but the situation appears more complicated for small- and
medium-sized firms.
'Brave
choice'
In Germany,
the chamber of commerce and industry expressed fears smaller companies may
react defiantly to what they call "excessive red tape" under threat of
fines.
The new EU
law establishes consumers' "right to know" who is processing their
information and what it will be used for.
Individuals
will be able to block the processing of their data for commercial reasons and
even have data deleted under the "right to be forgotten."
They will
have to be warned when there is unauthorised access, with the law establishing
the key principle that individuals must explicitly grant permission for their
data to be used.
Parents
will decide for children until they reach the age of consent, which member
states will set anywhere between 13 and 16 years old.
In return,
EU officials argue that digital firms will benefit from regulation that
restores consumer confidence and replaces the patchwork of national laws.
European
leaders have backed the new laws.
French
President Emmanuel Macron said in a speech in Germany last week that he
welcomed the "brave choice" of the new law, calling it a cornerstone
in a new "digital sovereignty."
No comments:
Post a Comment