The European Union and the UK are adopting new data protection laws in May which could see companies face huge fines for mishandling users’ data.
Under the new law companies — with big US tech giants thought to be in the firing line — could be fined up to 4% of their annual revenues or €20 million — whichever is higher.
Yesterday the UK’s Digital, Culture, Media and Sport Secretary Matt Hancock said Facebook could be slapped with a £1 billion fine under the new rules.
Speaking at an event yesterday he said:
We are going to require much more transparency in how data is held by the big platforms.
We have a real chance to be the place that sets the rules for how the internet works.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Company Profile – free sampleThank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalData
The social media giant earlier this week was forced to admit that it had made mistakes that led to 50 million people’s data exploited by political consultancy Cambridge Analytica, which some people fear might have influenced the 2016 US presidential election.
With companies bracing themselves for a crackdown on data breaches from this year, here’s how much some of the world’s biggest data merchants could stand to be fined.
|
Turnover in 2017 |
Potential fine |
Apple |
$229 billion |
$9.2 billion |
Amazon |
$178 billion |
$7.1 billion |
Google (Alphabet) |
$110 billion |
$4.4 billion |
Microsoft |
$90 billion |
$3.6 billion |
|
$40. 7 billion |
$1.6 billion |
Netflix |
$11.7 billion |
$467 million |
|
$2.4 billion |
$96 million |
The UK’s new bill — called the UK Data Protection bill which mirrors the EU’s so-called GDPR regulation — will also expand the powers of the Information Commissioner to investigate mishandling of user data.
Under the new legislation the commissioner will be given the right to “go in faster into an organisation against which she has an information notice”, according to Hancock.
He said:
You can’t just let the companies decide what is the balance between privacy and use of data and innovation. That is a decision for society, reflected in the laws that we pass here.
We are going to require much more transparency in how data is held by the big platforms, and transparency around how advertising spend is used on them.
Under current laws EU authorities can only dish out small fines for data breach violations and have limited power to sanction companies.
The provisions would be applied to free digital platforms, where people exchange their personal data for the services provided — such as cloud storage, email, or social media.
The UK Department for Digital, Culture, Media & Sport told Verdict that the new law is expected to come into force in May.