By May 25, 2018, companies doing business in the EU will have to comply with the updated privacy framework, General Data Protection Regulation (GDPR), or face pricey fines. Facebook is preparing for the change through its recently published “privacy principles,” which are intended to show how it handles users’ information — a first for the company.
A solid write-up by TechCrunch zings Facebook for the “grand claims” it makes in the principles (“We give you control of your privacy,” “You own and can delete your information” and “We are accountable”) and says the company is merely “cribbing large chunks of the GDPR and claiming the regulation’s principles as its own.” But in short:
“[T]he days of Facebook feeling free to play fast and loose with user data are dwindling — thanks to regulatory interventions.”
How, then, will Facebook manage to convince users to consent to the processing of their data? By building their trust.
Facebook has rolled out an educational campaign, which includes explainer videos (“slick, feel-good ‘infomercial’ videos”) placed in the news feed. The campaign is supposed to help users understand and exercise their rights. The company also recently announced an overhauled global privacy settings hub and a series of data protection workshops for small and medium businesses in the EU to start. TechCrunch explains the impetus behind the educational efforts.
“Its educational largess around the EU regulations can be explained by the fact that the risks attached to GDPR’s supersized penalties also inflate the liabilities for data controllers (like Facebook) that share user data with third parties for processing.”
Unlike Facebook, its advertisers might not have the same resources to figure out how to best convince users to allow them to use their data.
Time will tell, concludes TechCrunch, how effective the GDPR is in protecting users’ data.