News > Capital Markets, FinTech

Facebook, Google, Instagram and WhatsApp Already Hit With Legal Complaints Tied to GDPR

By NexChange
Capital Markets, FinTech

The European Union’s General Data Protection Regulation (GDPR) just went into effect on Friday, but lawyers have already gone after some of the biggest tech names in Silicon Valley over alleged violations of the sweeping new rules.

NOYB, the European Center for Digital Rights, which is led by Austrian lawyer and privacy activist Max Schrems, has filed legal complaints against Facebook, Google, Instagram and WhatsApp, accusing the companies of “forced consent,” or forcing users to accept new privacy policies, “often combined with a threat, that the service [can no] longer be user if user do not consent.”

NOYB expounds on the GDPR regulations here:

GDPR prohibits “bundling” The GDPR prohibits such forced consent and any form of bundling a service with the requirement to consent (see Article 7(4) GDPR). Consequently access to services can no longer depend on whether a user gives consent to the use of data. On this issue a very clear guideline of the European data protection authorities has already been published in November 2017 (link).

Separation of necessary & unnecessary data usage. An end of “forced consent” does not mean that companies can no longer use customer data. The GDPR explicitly allows any data processing that is strictly necessary for the service – but using the data additionally for advertisement or to sell it on needs the users’ free opt-in consent. With this complaint we want to ensure that GDPR is implemented in a sane way: Without just moving towards “fishing for consent”.

NOYB calls the pop-up boxes requiring users to accept new privacy policies are a “clear violation” of the GDPR. The group estimates that the alleged violations could result in fines totaling up to €7bn total (roughly $8 billion USD).

“If companies realize that annoying pop-ups usually don’t lead to valid consent, we should also be free from this digital plague soon,” Schrems said in a statement. “GDPR is very pragmatic on this point: Whatever is really necessary for an app is legal without consent, the rest needs a free ‘yes’ or ‘no’ option.”
Photo: Getty iStock

Subscribe to our Newsletter

Be one of the first to experience the future of financial services