As a result of the new change in the terms of service of Facebook, its existing 1.5 billion users won’t be safeguarded under the new data privacy laws of Europe (GDPR). This comes in the wake of Facebook being at the center of a controversy about its handling of personal data, allegations of leaking data for profit, and the mounting criticism from different quarters.
The new policy depends on the users who will be regulated via the European headquarters of Facebook in Ireland. Facebook is maintaining that it has planned transparent privacy rules worldwide and would soon act upon it.
By the new move, Facebook users outside the EU would be governed by Facebook Inc. in the US rather than Facebook Ireland. It is seen as a way of circumventing the stringent General Data Protection Regulation (GDPR) by shifting user base outside the EU. More than 70% of its two billion members would be impacted by this change. As of December last year, Facebook had 239 million users in the US and Canada and 370 million in Europe.
Billions under the impact
It also had 1.5 billion members in Africa, Asia, Australia and Latin America – and they are the ones affected by the change.
Users in the US and Canada were never subject to European jurisdictions.
Stephen Deadman, deputy chief global privacy officer at Facebook, said to the BBC “The GDPR and EU consumer law set out specific rules for terms and data policies which we have incorporated for EU users. We have been clear that we are offering everyone who uses Facebook the same privacy protections, controls and settings, no matter where they live,”
Sylvia Kingsmill, a digital privacy expert at consultancy firm KPMG, said such moves would enable the tech firms to look for loopholes and find the ways to avoid the new regulations.
“I think that the public expectation is that their data, which they freely give up to corporate giants, is protected and I think this kind of move will catch up with the firms that make it”.
Sylvia further added that regulators and lawmakers in the US and Canada are working on their own version of the GDPR.
GDPR – A trendsetter in data privacy
Overall, the new GDPR will prove to be a game changer in multiple ways. It will have a far-reaching impact on the global consensus around privacy; fostering greater transparency, being a catalyst in the incubation of similar laws and laying the onus on companies to protect user data. The GDPR has initiated the precedent of data privacy being an inviolable fundamental right of the user and the pressing need for the governments to enact legislation for its protection.
With the GDPR, companies would have to handle user data with more responsibility and accountability, and failure to do so would be a breach of law, leading to heavy fines.
Facebook, just like many other tech giants, established its international headquarters in Ireland, in 2008, because of the low corporate tax rate in the country. This shift also meant that consumers outside of USA and Canada would be subject to European laws and regulations.
With the new change, users outside Europe will no longer be able to lodge complaints with Irish data protection commissioner or in the Irish courts. GDPR offers greater control to users and the penalties for data breach are very high – up to 4% of the company’s global revenue.
The Cambridge Analytica scandal rocked Facebook and it received much flak due to its negligence in handling user data and allowing companies to harvest user profiles for political purposes. Mark Zuckerberg publicly tendered an apology for the data breach. Mark now seems enthusiastic about the GDPR and isn’t ready to give, as he has said it would be a very positive step for the internet.
Also Read: Check out 10 key features of GDPR
It remains to be seen whether Zuckerberg is ready to walk the talk on data privacy following the recent Cambridge Analytica fiasco and actively takes up measures to boost user confidence and prevent the future data breach. Meanwhile, before Facebook implements similar laws, the consumers outside Europe and US would be in a limbo.
What’s at stake here concerns not just Facebook but expresses the dire need of instituting data privacy laws worldwide and recognizing the privacy rights of the netizens. There is already a cat-and-mice chase between cybercriminals and authorities, and in the absence of proper regulatory mechanisms, legal frameworks and punitive measures, willful negligence or active connivance on part of the companies would only continue unabated.
The risks of data breach are enormous and in a rapidly evolving, fast-changing and interconnected world no one can afford to take data privacy lightly. The susceptibility associated with violation of data privacy – identity theft, psychological manipulation, frauds etc – would only multiply in the years to come and we can only tackle it if we are armoured with the right policies and effective set of rules and regulations.