Companies could face massive fines in 25 European Union countries if they mishandle citizens' personal information, under a new privacy law due to take effect in 2018. New age restrictions will mean no more Facebook or other social media for European pre-teens. Today, fines for violations of EU data protection rules are typically limited to a few tens of thousands of euros, or hundreds of thousands in exceptional cases. That's hardly enough to upset companies such as Facebook or Google, which both reported billions of dollars in net income last year. From 2018, though, data protection authorities will be able to impose fines of up to 4 percent of a company's worldwide revenue for breaches of the new privacy rules approved by the European Parliament on Thursday afternoon.
Facebook is launching a range of new tools in an effort to "put people in more control over their privacy" in the buildup to new EU regulations that tighten up data protection. The changes come after a troubling two weeks for the company, which is battling with the fallout of the Cambridge Analytica files. At least one of the new features, a unified privacy dashboard, was previously discussed by Facebook's chief operating officer, Sheryl Sandberg, back in January. "The last week showed how much more work we need to do to enforce our policies, and to help people understand how Facebook works and the choices they have over their data," two Facebook executives wrote in a blogpost announcing the changes. "We've heard loud and clear that privacy settings and other important tools are too hard to find, and that we must do more to keep people informed."
Facebook is updating privacy options for users ahead of Europe's strict new data legislation, which comes into force next month. Facebooks's chief privacy officer Erin Egan said the company will be rolling out the new options in Europe this week, ahead of the arrival of the the European Union's General Data Protection Regulation (GDPR). However, the changes will have implications beyond Europe; Facebook said that all users would be asked to review some of their Facebook data privacy choices. All users will be asked to decide whether they want to see ads based on data from partners -- such as websites and apps that feature the Facebook'Like' button. "We'll ask people to review information about this type of advertising, and to choose whether or not they want us to use data from partners to show them ads," Egan said.
Privacy policies from companies including Facebook, Google and Amazon don't fully meet the requirements of GDPR, according to the pan-European consumer group BEUC. An analysis of policies from 14 of the largest internet companies shows they use unclear language, claim "potentially problematic" rights, and provide insufficient information for users to judge what they are agreeing to. "A little over a month after the GDPR became applicable, many privacy policies may not meet the standard of the law," said Monique Goyens, BEUC's director general. It is key that enforcement authorities take a close look at this." The European Union's new stronger, unified data protection laws, the General Data Protection Regulation (GDPR), will come into force on 25 May 2018, after more than six years in the making.