Europe’s new data regime has arrived. From May 25, the General Data Protection Regulation (GDPR)
is being enforced by regulators across the 28 countries.
GDPR bolsters the protections of personal data of EU citizens and has had companies scrabbling to meet its requirements. There has been a deluge of pointless marketing emails and companies revamping their privacy policies ahead of the rules coming into force.
All companies large and small, as well as other organisations such as public bodies and charities, are affected by GDPR. And for the very biggest firms, it’s an especially crucial issue. Google, Facebook, Twitter, Amazon, Microsoft and Apple hold colossal amounts of information about billions of people around the world. Fall foul of GDPR and they risk being fined huge sums of money.
Each of the big five has taken a different approach to GDPR – with some radical variations between them. We’ve run down some of the bigger changes made by the companies and their various subsidiaries.
Cambridge Analytica has given Mark Zuckerberg a justifiably hard time. Things haven’t been made any easier by the implementation of GDPR.
In front of Members of the European Parliament on May 22, Zuckerberg said his company is ready for GPDR and that “a large percentage” of people who have been prompted to update their privacy settings have done so. In a strange twist, Facebook has used GDPR as an opportunity to turn on facial recognition for people in Europe.
Facebook has also moved the registration of about 1.5 billion users outside of the US, Canada and the EU to the United States from Dublin. As reported by Reuters, Facebook’s move means people in Africa, Asia, Australia and Latin America are not covered by GDPR. Facebook says it is offering privacy tools to everyone around the world. But these won’t be the same in every nation.
Apple
Generally, Apple collected less data than its big tech rivals. As far back as 2011’s iOS 5, the firm added end-to-end encryption on iMessages sent between its devices. Unlike Facebook and Google, the company doesn’t rely on advertising to make money.
For GDPR, Apple has updated its privacy terms and introduced a new user page. People in Europe can now download all of their data that Apple holds about them. This is broken down by Apple service – Photos, Apple Pay, contacts and more. The downloads come in the form of zipped folders, which hold CSV and JSON files that can be reused.
Apple has also introduced the ability to temporarily deactivate an account. When this is done, Apple services will stop working but the company will also stop using customer data for its machine learning and AI systems. These features will be rolled out to all accounts around the world in coming months.
Like Facebook, Google has come under criticism for its GDPR plans. Primarily, the firm has come under fire from publishers and the groups that represent them. Four major trade bodies that represent 4,000 publishers have complained about Google’s changes to its advertising platform. Google’s plan to shift the responsibility of getting user consent to use data “would undermine the fundamental purposes of the GDPR”, representatives for publishers said.
“It’s important to understand that most of our ad business is search, where we rely on very limited information — essentially what is in the keywords — to show a relevant ad or product,” Google CEO Sundar Pichai said in April. He added that he thought GDPR was generally a good thing for internet users.
Twitter has updated its terms of service and privacy policy ahead of GDPR. “By using our services on or after that date, you’ll be agreeing to these revisions,” the firm explained in a blog post.
It hasn’t clearly stated what has been updated but says the updates “focus on the controls we offer you over your personal data” and on how Twitter shares your data publicly. Part of its GDPR preparations have also seen Twitter shut down its apps for streaming service Roku, Android TV and Xbox.
Amazon
Amazon Web Services (AWS) is one of the bigger parts of Amazon’s sprawling set of services. At the end of March, Amazon announced AWS was ready for GDPR. “AWS services give you the capability to implement your own security measures in the ways you need in order to enable your compliance with the GDPR,” the firm explained at the time.
Microsoft
While Google and Facebook have been criticised for their approach to GDPR, Microsoft has announced it will extend the new privacy rights to all its users worldwide. “We believe privacy is a fundamental human right,” the company’s deputy general counsel, Julie Brill, wrote in a blog post announcing the surprise move.
“GDPR is an important step forward for privacy rights in Europe and around the world, and we’ve been enthusiastic supporters of GDPR since it was first proposed in 2012,” Brill added.
Microsoft has also created a privacy dashboard that allows people to review settings, delete data, and download information that’s held about them. It has also highlighted what it has updated in its Privacy Statement for GDPR.
Article source: http://www.wired.co.uk/article/gdpr-facebook-google-analytics-apple-amazon-twitter