With the European Union's tough new online privacy framework taking effect Friday (May 25), websites were warning users that they would have to provide their consent for data use in order to use the service. Wrong move, said a privacy group.
Following those pop-warnings, privacy activist group noyb.eu proceeded to file complaints against Google (Android), Facebook, WhatsApp and Instagram over what it said was “forced consent."
The group, the NOYB – European Center for Digital Rights (the "noyb" stands for "none of your business"), said the new General Data Protection Regulation (GDPR) prohibits such forced consent, so that for companies doing business in the EU "access to services can no longer depend on whether a user gives consent to the use of data"--theoretically, it would seem, even if the service's free-to-web-surfers business model depended on its users allowing them to monetize that data via advertising and marketing.
"With [these complaints] we want to ensure that GDPR is implemented in a sane way: Without just moving towards 'fishing for consent,'" noyb.eu said.
Given that the penalty for violating the new rules could be 4% of a company's global revenue, were Google and Amazon to be dinged, they could owe more than a billion Euros, the group said. "Currently we do not expect that DPAs will use the full penalty powers," said the group. "but we would expect a reasonable penalty, given the obvious violation."
Noyb.eu said if its complaint succeeds, it could be the end of those "annoying and obtrusive" pop-up consent boxes.
To get a sense of what the GDPR is and means, check out this panel session sponsored by the congressional caucus focused on internet issues: