Regulating internet giants in Europe

The fact that big internet companies handle personal data has generated great concern, also in relation to the issues of transparency and privacy, leading the EU to come up with new regulations on data and online privacy protection. In the following excerpts, Philip Schlesinger (University of Glasgow) discusses this framework intended to protect EU citizens’ online data and explains the wider power dynamics in which it is embedded:

Also of note is the General Data Protection Regulation – the GDPR – which came into effect on 25 May 2018. A new privacy provision translated into the law of the 28 Member States, it was enacted to protect people’s online data, which is key to how we interact with the Internet and not least in our cultural consumption. Much will depend on how effectively its provisions can be enforced at the national level. These include consumers’ right to request their online data as well as restrictions on businesses’ handling of data and on targeted ads. It also has a regime of fines, with the maximum set at €20m or 4 per cent of annual turnover. …

Major players such as Apple, Google and Facebook are evidently working to comply with the EU’s requirements, but are also investing heavily in lobbying capability in Brussels. Facebook has hired Sir Nick Clegg, ex-EU civil servant, MEP, and former UK deputy prime minister, as its head of global policy. Europe is a key market for US tech companies and the EU is using its policies as leverage in international trade agreements, with strong indications that the GDPR will be followed in Japan and South Korea, and also Brazil (at least, prior to the election of Jair Bolsonaro on 28 October 2018). The EU’s position contrasts with that of the US, where the Trump administration has taken a protectionist stance and sees greater tech regulation as an impediment to innovation.