By Aanuoluwa Omotosho
Facebook is leading other social media and internet giants in the push for new privacy law ahead of 25 May when the European Union’s General Data Protection Regulation (GDPR) goes into effect.
The EU’s GDPR places restriction on how tech companies collect, store, and use personal data. User’s data may only be stored and used by the authorization of the individual user thus significantly impeding how, for example, “Google and Facebook will be [able] to use the personal data they hold for advertising purposes without user permission” as one expert Dr Johnny Ryan puts it.
With 25 May D-Day imminent, Facebook is already fine-tuning its new privacy center featuring all core privacy settings which align with the strict new EU data protection law. Also, the social media giant has published its privacy principles for the first time, detailing how the company handles user details.
The world responds to GDPR
The EU’s new data protection law will not impact on EU territory or citizens but countries and corporate entities that relate or do business with the EU. Thus, from 25 May, countries and organisations outside of the EU also need be ready for the GDPR.
China and Brazil have notably drawn up policies to accommodate the GDPR. In UK following Brexit, the Government recently published its draft Data Protection Bill, aligns closely with GDPR.
“Because of its global reach, it affects every organization who collects, processes and monitors EU data subject so online businesses in Nigeria targeting EU citizens will need to implement controls, systems, and procedures to ensure compliance,” said CEO of Johan Consults Limited and Certified GDPR and Information Security consultant, Akin Oyegoke IT Edge News.
The EU is a the world’s strongest political and economic bloc thus any policy it implements significantly impacts on the rest of the world. Ryan in his article ‘How the GDPR will disrupt Google and Facebook‘ believes the GDPR will alter how nations and enterprises harness and use data without resort to the individual.
Ryan asserts: “Google and Facebook will be unable to use the personal data they hold for advertising purposes without user permission. This is an acute challenge because, contrary to what some commentators have assumed, they cannot use a “service-wide” opt-in for everything. Nor can they deny access to their services to users who refuse to opt-in to tracking. Some parts of their businesses are likely to be disrupted more than others.
“The GDPR Scale
“When one uses Google or Facebook.com one willingly discloses personal data. These businesses have the right to process these data to provide their services when one asks them to. However, the application of the GDPR will prevent them from using these personal data for any further purpose unless the user permits. The GDPR applies the principle of “purpose limitation”, under which personal data must only be “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes”.
“Google and Facebook cannot confront their users with broad, non-specific, consent requests that cover the entire breadth of their activities. Data protection regulators across the EU have made clear what they expect.”