The entry into force of GDPR is now imminent. Assembly’s Privacy and Data Protection Tracker has analysed and compared the approach taken by Data Protection Authorities in various countries, to prepare businesses for the new regulation. Differences in approaches across countries remain, although the pan-European nature of GDPR means companies can find useful insight in the activity of all DPAs across the EU.
Where next for the regulation of Facebook?
After the emergence of large-scale data breaches on Facebook’s platform, CEO Mark Zuckerberg accepted to appear before the respective parliamentary committees of the US Senate and Congress. The hearings highlighted that US politicians are now turning their attention to social media platforms, but have no coherent plan (and unclear intentions) on the measures to adopt. At the same time, there are clear indications that the EU’s GDPR will become a benchmark for data privacy worldwide.
Facebook’s privacy practices will now face thorough scrutiny
What started as criticism for not doing enough to spread disinformation online is now quickly escalating into inquiries about the way in which Facebook allows third parties to access its users’ data. Allegations that Facebook’s data have been misleadingly obtained, and used to profile approximately 50m users to run targeted political campaigns, have now prompted the Federal Trade Commission (FTC) to investigate the company’s privacy practices.
The EC’s Digital Tax faces a long road ahead
The European Commission has today launched a new proposal to adapt the taxation system of the digital economy, in which value is created in countries where a business does not have a physical presence. The EC proposes to introduce a taxable “digital presence”, fulfilling one of three criteria (at least €7m turnover per year in an EU country; more than 100,000 users in a member state in a year; or more than 3,000 business contracts in a state in a year). It also proposes an “interim tax”, which will apply to revenues created from online advertising.
Tech companies should take down illegal content in one hour
The European Commission issued today a set of “operational measures” to tackle illegal content online. This also includes terrorist content and hate speech. Tech companies are recommended to follow a “one-hour-rule” to take down terrorist content and to implement faster detection systems, including automated ones. Tools should also be shared with smaller companies. Businesses will have to submit information to the EC about their compliance with this Recommendation within three months.
European Commission still unclear on how to tackle fake news
On 27 February 2018, the European Commission held the second multi-stakeholder meeting on the problem of fake news. The meeting is part of a series of events, and of a comprehensive initiative the EC is taking to address the issue. During the event, it was clear that the EC’s position is still far from being defined. On the other hand, the advertising industry is advocating for light-touch regulation and is defending its own ability to enforce self-regulation.
Policymakers turn their attention to fake news, hate speech and addiction
Tomorrow, the European Commission will host a colloquium in Brussels on the issue of “fake news”, which will see the participation of experts and industry representatives. This is very likely another step toward legislative intervention, which could come in the form of a Recommendation from the EC.
Consumer protection rules get stronger for big tech across the EU
In February 2018, the European Commission issued a statement outlining the progress made by the three main social media platforms (Facebook, Twitter, and Google+) toward improving consumer protection, based on the requirements it made in March 2017. The EC found that Facebook and, to some extent, Twitter, still have work to do to fulfil the requirements. The EC’s strengthened approach to consumer protection in online platforms is a further example of the increased regulatory scrutiny on tech companies. It also shows how the rules of the countries where their users are will prevail over those of the company’s establishment, in line with the principles set out in the General Data Protection Regulation.
DCMS committee unhappy with social media’s approach to fake news
The hearing carried out by the UK’s Digital, Culture, Media, and Sport (DCMS) parliamentary committee on 8 February 2018 in Washington DC with executives of three of the main global social media platforms (Google, Twitter, Facebook) showed how much distance currently separates tech companies from regulators and policymakers with regard to tackling “fake news”, hate speech, and other related illegal activities.
The regulation of big tech draws closer
Statements made at the recent World Economic Forum by businessmen such as George Soros, and by CEOs of tech giants (Salesforce and Uber) show these companies are starting to recognise that stronger regulatory oversight of their industries is inevitable and, to some extent, beneficial. This should be seen as a significant change in direction compared to the time when big tech was warning against the risks of regulating too heavily.
