by Harper Neidig
Ali Breland contributed
Big Tech is
facing a perfect storm of political resistance, but
there are many cross-currents and hidden motives.
TN expects that
anti-trust legislation will ultimately be invoked to
break up several of the largest semi-monopolies like
What the EU is
doing at this point it cut off the free consumer
data that is the lifeblood of the industry.
Expect a lot of
chaos, lobbying, back-stabbing and corruption to
brace for sweeping EU privacy law
Facebook and other internet
companies are racing to prepare for a sweeping new
European Union (EU) privacy law
that aims to give consumers greater control over the use of their
The law comes at a critical time for the industry, which is already
facing tough questions over its data practices.
The General Data Protection Regulation (GDPR),
which goes into effect across the EU on May 25, will drastically
change what Internet companies can do with customers' data.
Users will have greater control, including the ability to learn what
information companies have on them.
The GDPR will also codify
what's known as "the right to be forgotten," meaning consumers will
be able to order web services to delete their data or stop
distributing it to third parties.
The rules will also
require companies to give users the ability to easily revoke consent
for handing over personal information.
"I think it's going
to have a fundamental seismic shift in the whole industry
because it grants people rights over their data that they don't
currently have," said David Carroll, an associate professor at
the Parsons School of Design who studies digital media and data
"It really empowers consumers to get a better deal; we've never
really had a say in the deal," Carroll added.
Companies must also be
upfront about what they are doing with users' personal information.
Regulators say that web
services will no longer be able to cloak the terms of their data
practices in legalese.
"One of the main
tenets of GDPR is to make sure that there is trust and to make
it clear what the data is being used for," said Greg Sparrow,
vice president and general manager of CompliancePoint.
The impending deadline
has companies scrambling to bring themselves in line with the new
Violations under the new
rules would be met with hefty fines of $24.6 million or 4 percent of
a company's global revenue - whichever is larger.
Hovering over those efforts is the data scandal that saw a political
consulting firm with ties to President Trump's 2016 campaign
improperly obtain the personal information of 50 million Facebook
Cambridge Analytica, which did
work for the president's campaign and several other Republican
politicians, reportedly paid a researcher for data he obtained
through a third-party app on Facebook.
The researcher obtained
the data even though users had not consented to handing over their
information for political purposes.
Věra Jourová, the EU's consumer protection chief, thinks the
incident underscores why privacy regulations like the GDPR are
"In my view this is
not only about data protection [from] breaches, this is about a
threat to democracy and individual freedoms," Jourová said in an
interview with Bloomberg earlier this month.
"I can say that in Europe we are ready for these cases," she
A Facebook spokesperson
told The Hill in a statement that the company is making sure
its services comply with the new laws and will announce new updates
before the deadline.
The spokesperson also pointed to a January speech that Chief
Operating Officer Sheryl Sandberg gave in Brussels in which
she promised Facebook would look to go beyond the law's
In January, Facebook released a set of privacy principles and
established a global privacy center to better inform their users on
how the company operates. And this week, in response to the outcry
over Cambridge Analytica, it announced it will no longer
allow the use of third-party data for targeted advertising.
At a minimum, GDPR means most companies will have to rethink how
they interact with users.
Marshall Erwin, director of trust and security at
Mozilla, said that his company
prepare for the new European regulatory regime.
But Mozilla designed its
services, like its signature
Firefox browser, to collect minimal
amounts of user data, he said.
"It is going to be
much more challenging for a lot of other companies that collect
more data from their users, that have much more complex data
collection mechanisms," Erwin said.
"There's a lot of potential for GDPR to give users a lot more
control," he added. "The real impact there is going to depend on
how seriously companies take those requirements."
The EU has not been kind
to American tech giants.
In 2016, regulators
ordered Apple to pay Ireland more than $15 billion in back taxes
after concluding the country had granted it illegal tax breaks.
Internet companies are facing
antitrust and privacy investigations from European authorities, and
the EU is also considering slapping them with a new tax for online
Last year, Google was hit with a record $2.9 billion antitrust fine
for favoring its own comparison shopping tool in its search results.
A Google spokesman declined to comment on its preparations for the
new privacy law, but the company has promised to comply.
Google has faced mounting criticism
for its collection of user data and its partnership with third-party
services that target advertisements based on users' activities and
Many of the tech giants' biggest critics have been cheering the EU
law and urging regulators in the U.S. to study it as a road map for
crafting their own privacy rules.
But David Carroll thinks internet companies won't wait for
the U.S. to impose its own regulations.
He argues that it won't
make sense financially for the industry to operate two different
internets on either side of the Atlantic.
"The market will
adapt to GDPR regardless of what lawmakers on Capitol Hill do,"
"There will be a more positive way of doing business," Carroll
predicted. "It will make the internet a safer, less disgusting