EU Court leaves tech giants more exposed to privacy challenges

Get a free Techzine subscription!

The European Union backs the sanctions set by national privacy watchdogs on Facebook, Google, and Twitter. These corporations will now be answerable about their privacy legislation to the EU authorities.

Silicon Valley giants are all set to face more scrutiny, and strict sanctions after the EU’s top court declared that lead regulators or not, privacy watchdogs can regulate these businesses.

The ruling

A European consumer lobby group welcomed this ruling by the CJEU or European Union Court of Justice. According to the CJEU, “a national supervisory agency will have the power to call out a corporation of its alleged infringement of the GDPR before the court, even if the agency is not the lead supervisory authority.” Judges said that regulatory supervisors would be people who can ensure consistency and cooperation as required by procedures set out in the GDPR.

However, the consumer lobbying group countered the judgment by stating, “that Ireland alone cannot be responsible for privacy breaches of around 500 million EU consumers.” This statement stems from the fact that Ireland is home to all these tech giants, putting it under the Irish data protection regulator.

Several other nations have also complained against Ireland that it takes too long to pass a decision; however, Ireland countered it by saying that they like to be thorough and meticulous with every decision, especially regarding well-funded global giants.

The aftermath

While this accountability is great for people in the EU, the tech lobbying group CCIA argues that this could lead to additional enforcement costs. Not to mention that it would also allow data enforcement officials to start case proceedings against multiple companies.

The President of Belgium’s DPA added, “We have always emphasized the importance of authorities acting on users’ behalf,” and stated that the new ruling confirmed that having one lead supervisory authority cannot pass a judgment alone. Practical and sincere cooperation is needed to preserve both the GDPR’s consistent interpretation and its provision’s effectiveness.