Skip to main content

Barely a day had passed since the enforcement of the European Union’s new data privacy law, and things were already looking nasty for the big boys on the block.

The new General Data Protection Regulation (GDPR), already in effect in 28 EU member states, has paved the way for a raft of lawsuits against Google and Facebook.

The lawsuits, filed by Austrian privacy activist Max Schrems, seek to slap Google and Facebook with fines of 3.7 billion euro and 3.9 billion euro respectively. Schrems is a longtime critic of how big internet companies often deploy questionable means for collecting user data without giving two hoots about their privacy and security.

He has broken up his lawsuits into four parts, one each against Facebook, Instagram, WhatsApp, and the Android OS.

As usual, both Google and Facebook have dismissed the allegations saying that they have taken every measure possible to be compliant with the GDPR.

The GDPR, which is more powerful and far-reaching compared to any previous data privacy laws, aims to do away with the loopholes that have so far allowed internet companies to go about their data collection strategies with impunity. It requires the likes of Google and Facebook to have clear consent and justification for any personal data collected from users.

However, the GDPR is not without its fair share of challenges — especially on the implementation front since the majority of internet companies seem still unprepared for complying with the new set of rules introduced by it.