In 2016, the European Parliament passed the General Data Protection Regulation (GDPR) which is set to come into effect May of this year. The GDPR will synchronize European data protection policies, strengthen privacy rights, mandate “data protection by design and default”, require corporations to inform EU citizens if their accounts have been hacked and make it easier for EU nationals to access their data. This legislation is particularly interesting for several reasons. Firstly if one violates these policies, the fine can be as large as 4% of the corporation’s global revenue. Secondly this policy additionally applies to non-EU organizations, any entity that handles EU citizens’ data must comply. Who would be concerned by that information? Facebook.
Facebook has often come under fire from critics for having weak privacy protections. Facebook critics object to the difficulties some Facebook users have when trying to find privacy settings. In response to the pending enforcement of this legislation, Facebook recently said that they will place all their privacy settings in one place, so people will find it easier to “manage their data”.
It will be interesting to see how the EU reacts to this statement. Will they feel it is enough or that it is not protective enough of their nationals’ privacy? Additionally with Facebook’s response in mind, it will be interesting to see how other corporations change their privacy policies.