Mark Zuckerberg doesn’t plan on extending the European Union’s General Data Protection Regulation (GDPR) to all Facebook users.
On 3 April, Facebook’s chief executive told Reuters in a phone interview that the social networking platform was working on applying a version of the Regulation to users worldwide. When asked what parts of the framework would be omitted for non-European users, he declined to provide any specifics.
“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” he said.
His comments no doubt disappoint many privacy advocates who are hoping Facebook along with other tech giants will implement the European Union’s privacy directive worldwide. Jeff Chester, executive director of the Center for Digital Democracy, is among them. As he made clear to Reuters:
We want Facebook and Google and all the other companies to immediately adopt in the United States and worldwide any new protections that they implement in Europe.
Zuckerberg’s hesitation on extending the GDPR worldwide comes at a time when Facebook is still in hot water for allowing a third-party app developer to scrape the data of 50 million users. In the name of damage control, the social media company revised the terms of its bug bounty program to now include instances of data misuse by app developers. It also pledged to review apps capable of accessing large amounts of users’ information and make all applications request permission to scrape users’ friends’ data.
The GDPR is set to take full effect on 25 May 2018. If companies fail to live up to the standard’s terms, they could face a fine of 20 million Euros or four percent of global annual turnover, whichever is greater.
Given those penalties, organizations need to make sure they’re compliant with the (Read more...)
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security