A few months before the EU enacts substantial new privacy rules, and just in time for Data Privacy Day, Facebook has both revamped privacy controls for users to make them simpler and published its internal “privacy principles,” which detail the company’s commitment to protecting user data.
Europe’s General Data Protection Regulation (GDPR), made law last April and enforceable beginning this May, heightens the privacy standards for all companies that collect data from EU citizens.
It mandates companies inform people how their data is collected, whether it’s sold or shared, requires consent before data collection, and sets a strict 72-hour deadline for companies to make the public aware of data breaches.
(Compare that to Uber, which infamously sat on knowledge of a data breach for over a year.)
What concerns Facebook the most is likely the sanctions.
Violating the GDPR comes with enormous fines: up to 4 per cent of the company’s annual global revenue.