![]() ![]() ![]() ![]() Masse argues that Meta should have been made to delete the data it collected unlawfully, and that GDPR enforcement needs to change companies business practices. “It's a bittersweet decision.” Since GDPR came into force in May 2018, it has been criticized for not effectively curtailing the worst data practices of Big Tech. ![]() “This is an absolutely significant fine and yet, the penalties may be inconsequential for people's rights as Meta can hold on to data it has moved unlawfully,” says Estelle Masse, the global data protection lead at European NGO Access Now. The second of these rulings, in 2020, made the Privacy Shield agreement ineffective and also tightened rules around “standard contractual clauses (SSCs).” Twice since then, Europe’s top courts have struck down US–EU data-sharing systems. It stems back to 2013, long before GDPR was in place, when lawyer and privacy activist Max Schrems complained about US intelligence agencies’ ability to access data following the Edward Snowden revelations about the National Security Agency (NSA). The billion-euro fine against Meta has a long history. “While this decision is addressed to Meta, it is about facts and situations that are identical for all American companies doing business in Europe offering online services, from payments, to cloud, to social media, to electronic communications, or software used in schools and public administrations.” ‘Bittersweet Decision’ “The entire commercial and trade relationship between the EU and the US underpinned by data exchanges may be affected,” says Gabriela Zanfir-Fortuna, vice president of global privacy at Future of Privacy Forum, a nonprofit think tank. ![]()
0 Comments
Leave a Reply. |