The EU’s new privacy law is starting to bite Facebook

REGULATION helps incumbents, which have the resources to comply, but hurts newcomers. Or so argue critics of the European Commission’s new rules for the digital realm and of its privacy law, the General Data Protection Regulation (GDPR). That may yet prove true, although the GDPR makes exceptions for smaller firms. But for now these new laws are making life harder for big technology firms. Facebook, in particular, is in the cross-hairs of European regulators as never before.

The latest example came on September 28th, when Facebook announced that an attack on its systems had exposed the personal information of 50m users—the biggest data breach in the firm’s 14-year history. Hackers had exploited three separate bugs in its software to extract snippets of code (“access tokens”), which let them take control of accounts and even log into other online services that accept these digital keys (although Facebook says that it has found “no evidence” that they actually used them to do this).

The company notified European regulators of the breach in order to comply with the GDPR. For the first time in a big case, regulators will have to decide whether Facebook did this within 72 hours of an attack being discovered, as the law demands. If it did not, it faces the threat of a penalty of 2% of annual revenue, or $813m. The fine could be even bigger—up to 4% of...



via Business Feeds

0 nhận xét:

Post a Comment