Skip to main content
close search
site logo
Dive Brief

GDPR to combat 'sweatshops' of personal data collection, EU data official says

Published May 2, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Kendall Davis

Dive Brief:

  • The connected digital world is effectively translating to "sweatshops" of the 21st century, according to Giovanni Buttarelli, European Data Protection supervisor, in a blog post. Buttarelli suggests that people turn to "free" services on the internet because the alternative is paying for privacy. He argues privacy should not be an "exclusive privilege" granted to those who can afford it.

  • Buttarelli acknowledges that recent notifications sent to customers globally about change in data terms are the first the average customer may be hearing of GDPR, which is less than one month away from its implementation. But the "take-it-or-leave-it proposition" presented by such companies may elicit a "hint of menace," which could effectively diminish the positive purpose of the regulations — to rebuild trust between users and the companies that posses their data.

  • Because the obligations of GDPR are "scalable," accountability enforcement is also scalable, according to Buttarelli. This makes companies that collect the most sensitive user data the most challenged in terms of "demonstrating the lawfulness" and proving the ethics of their activities over the last decade or so.

Dive Insight:

At the heart of GDPR is basic human rights along the lines of freedom of speech, non-discrimination and privacy, said Buttarelli. So to combat companies that appear to be manipulating user data for their own gain, GDPR was put in place.

The internet is full of services that allow users to integrate application to application, effectively lending their information for "free" in exchange for the services without much control over what happens to their data. That is the real cost for "free" services from these companies.

The recent Cambridge Analytica incident was an example of the use of personal data hosted on a platform for political gain. But Facebook's mishap is not an isolated incident. Instead, negative public response made this particular case stand out.

Following the fallout, Facebook CEO Mark Zuckerberg has acknowledged the impending GDPR deadline and that the company would abide by the new regulations "in spirit," rolling out compliance measures to European users by the deadline and using a phased approach for the rest of the world afterwards.

Companies like Facebook and Google thrive off of the, perhaps at times, "unscrupulous personal data collection," said Buttarelli. The collection allows these data juggernauts to effectively manipulate users into additional clicks, which drives revenue. After all, 84% of international ad revenue is held by these two companies alone. 

Because data is treated more as a business asset than ever before, companies have an inherent responsibility to not only protect it for their customers' sake but also for their reputation. Because nearly one-third of businesses believe GDPR doesn't go into effect until the end of the year, hammering home the implications of nonregulated practices from May 25 on is vital.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Celonis AgentC: Making AI Agents Work for the Enterprise with Process Intelligence
From Celonis
October 23, 2024
Cosentino Drives Business Transformation with AI Powered by Celonis Process Intelligence
From Celonis
October 23, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Editors' picks
Latest in IT Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell