EU regulators boost enforcement of bloc’s data privacy law
EUROPEAN Union privacy regulators are ramping up enforcement of the General Data Protection Regulation as the bloc’s comprehensive privacy regime heads into its second year. Regulators say they’re willing to bring cases across various industries if they find violations of the law, which governs US multinationals such as Facebook and Alphabet’s Google as well as EU-based businesses.
Companies face fines up to 4pc of annual revenue for violations, which could translate into billions of dollars in penalties.
The Irish Data Protection Commission “will be bringing our first draft decisions to our fellow DPAs over the summer months”, in multiple investigations into big tech companies, Graham Doyle, the commission’s communications director, said. Ireland’s regulator is investigating Facebook, Twitter, Apple, and Google.
Each EU data protection authority generally takes a special interest in parts of the privacy law. Ireland has said it’s paying special attention to children’s privacy issues. It launched an effort on kids’ data processing and the children’s data rights under the GDPR and plans to “create a series of guidance materials on children’s data protection issues”, Doyle said.
EU privacy officials are “a serious enforcement community with real powers”, said Giovanni Buttarelli, the European Data Protection Supervisor. Multinationals in the EU need to take responsibility for the data they process and profit from, whether or not they have proper consent, Buttarelli said.
Vera Jourova, the EU’s justice commissioner, said she will “continue supporting efficient and pragmatic enforcement by the European Data Protection Board”, the coalition of data protection regulators.