31 May 2018
You would have to be a monk or, at any rate, in an entirely internet-free zone, not to have had your recent days troubled by endless GDPR traffic. The tiniest charity holding your name and email address up to the data behemoths have asked, in different ways, for your consent for them to hold your personal data. You may have observed the frankness and simplicity of the former’s requests and the weaseliness of the latter’s, who try to make it rather difficult for you to say no, indeed to understand what precisely they are asking you to do.
Just in case you have not looked at it, here is the Regulation. It is actually a good deal easier to understand than a lot of the summaries of it.
This lack of transparency in these consent forms/privacy statements had not gone unnoticed by one of Europe’s more indefatigable privacy sleuths. Max Schrems, an Austrian lawyer, who, at 30 years of age, has already been to the EU top court twice (see here and here), moved fast. By the end of GDPR day last Friday, 25 May, he sued global platforms with multibillion-euro complaints. 3 complaints said to be valued at €3.9 billion were filed in the early hours against Facebook and two subsidiaries, WhatsApp, and Instagram, via data regulators in Austria, Belgium and Germany. Another complaint valued at €3.7 billion was lodged with France’s CNIL in the case of Google’s Android operating system.