Legislation/GDPR / Facebook & Google sued to the tune of £6.7bn for violating GDPR
Facebook & Google sued to the tune of £6.7bn for violating GDPR
31 May 2018 |
It has barely been a week since GDPR came into force in Europe, but lawsuits filed against the likes of Facebook and Google, totalling roughly £6.7 billion, has given us an indication of how the privacy legislation will keep social media giants and mass collectors of customer data on their toes.
Max Schrems, an Austrian privacy campaigner, has filed three lawsuits against both Facebook and Google, claiming that both internet giants are "deliberately" taking an "all or nothing" approach to privacy and that they are basically forcing their users into accepting their privacy policies.
"All or none" approach to privacy
"If this is what the controller has attempted, then this is nothing more than an aggressive and absurd attempt to deprive data subjects of their rights under Article 6(1)(a), 7 and 9(2)(a) of the GDPR, by wrapping this consent into civil-law arrangement. Any such “agreement” must be interpreted as what it really is: a consent provision camouflaged as a “contractual obligation” by the controller and moved into the civil-law terms," he said in the lawsuit filed against Facebook.
"The controller used additional “tricks” to pressure the users: For example, the consent page included two fake red dots (violation against Article 5(1)(a) – neither “fair”, nor “transparent”), that indicated that the user has new messages and notifications, which he/she cannot access without consenting – even if the user did not have such notifications or messages in reality," he added.
Huge fines under GDPR
Because of the said violations, Schrems stated in the suit that since Facebook earned a revenue of £30.23 billion, it must pay the maximum fine of £1.14 billion which is roughly 4 percent of the company's worldwide revenue.
As far as Google is concerned, Schrems alleged that the company, like Facebook, is also taking the "all or none" approach to privacy. Those buying new smartphones running Android operating systems are being asked to consent to all privacy policies or simply carry “a 1,000-euro brick” that just won't work.
Commenting on the twin lawsuits on Facebook and Google, Adrian Bisaz, VP EMEA at CyberProof said that thanks to GDPR, companies can become the target of millions of customers that want to make sure their new rights for privacy are met, and Facebook and Google as the most well-known tech giants are inevitably going to be in the crossfires when the lawsuits start rolling in, particularly in the wake of the Cambridge Analytica scandal.
"The interpretation of the new rules and the way companies (and indeed legislators) will react to these new demands might still take time to sort out. What is not in any doubt is that companies need to take these new regulations serious and make sure they comply to the regulations, otherwise it is not just fines that will become an issue but also companies reputation and consumers satisfactions," he added.
Latest posts by Jay Jay (see all)
- A third of UK businesses still struggling to process data access requests - 23rd May 2019
- TalkTalk failed to inform 4,545 customers that they were victims of 2015 breach - 22nd May 2019
- Google stops Huawei’s access to Android updates and Google services - 20th May 2019
- Ten cyber criminals behind GozNym malware operations indicted in the US - 16th May 2019
- Less than 1% of data breach investigations by ICO resulted in monetary fines - 16th May 2019