Open Mobile Menu


Filed In: GDPR and Privacy, Risk and Compliance

GDPR Day 1

Views: 1219

Written By: Christine Bertacini May 25, 2018

Some Background on GDPR

GDPR is the General Data Protection Regulation of the European Union. The EU created this data privacy law with the intention of protecting its citizens and lowering business barriers created by the need for privacy regulations over different member’s state lines. If you have employees, partners, customers abiding in the EU, it is necessary to properly handle their data and ensure that it is protected.

Day 1 of the New GDPR Laws

As of today, May 25th 2018, the new GDPR laws have become effective. Global companies (Google and Facebook) have already been accused of breaking these laws, and the Austrian privacy activist Max Schrems filed lawsuits today adding up to about $8.8 billion U.S dollars between the two companies (Schrems has been a critic of both company’s data collection practices for years). Although Google and Facebook announced they implemented new policies and products that they believe to be in compliance with GDPR, he claims that Google and Facebook have not taken the proper measures to incorporate appropriate privacy practices into their business processes.

Schrems believes that while the new regulation is supposed to provide users the choice of either “opting-in” to or declining data usage agreements, these companies chose to implement “consent boxes”, that if not checked, would result in user accounts being blocked; in Schrems’ view this is a violation of the GDPR’s definition of consent.  Schrems believes both companies are aware that they are not fully in compliance with the spirit of the law and are employing what he calls “forced consent”.  

Facebook has already responded to this lawsuit claiming they have spent the past 18 months preparing for the new GDPR laws, firmly believing that they are in compliance with them. Now it’s up to regulators and the EU Data Protection Authorities to decide if they agree.

This is just the opening salvo in what is guaranteed to be a long and interesting conversation about privacy and application of the new laws. Stay tuned…

Are YOU in compliance with GDPR?

If you have questions about the applicability of GDPR and what this new law means to your business please contact AppSec Consulting.  Our team of data privacy experts can help you understand what your organization should be doing to do to comply with these new regulations. 

Christine Bertacini

Christine is a student at the University of Arizona studying Communications and Sports Management. In her Marketing Intern role at AppSec Consulting, Christine is responsible for supporting marketing and communication activities. She also participates in marketing strategy and planning sessions and assists with website search optimization. While Christine hopes to pursue a job in the Sports and Entertainment Industry, she has a passion for learning more about cybersecurity and data privacy in hopes to incorporate those skills into other industries. Christine has completed security awareness and privacy principles training. 

read more articles by Christine Bertacini