GDPR impact: Google, Facebook look at $9.3 billion in fines under new EU privacy law

Complaints of privacy violation have been filed against tech giants Google and Facebook within hours of General Data Protection Regulation (GDPR) taking effect on Friday. Google and Facebook, along with the social media giant's subsidiaries WhatsApp and Instagram, could be fined $9.3 billion in total over privacy complaints of breaking European Union's new privacy law.

Austria-based privacy-advocacy group Noyb.eu said that the four companies are forcing users to adopt a "take it or leave it" approach regarding privacy, demanding that they give in to intrusive terms of service, a CNET report said. The group is run by data privacy activist Max Schrems.

"Tons of 'consent boxes' popped up online or in applications, often combined with a threat, that the service cannot longer be used if user[s] do not consent," a statement issued by the group read.

Noyb is asking regulators in France, Belgium, Hamburg and Austria to fine Google, Facebook, Instagram and WhatsApp up to 4 per cent of their annual revenue as mandated by the GDPR rules, the CNET report said. This could mean fines to the tune of $4.88 billion for Google's parent company Alphabet Inc and $1.63 billion each for Facebook and its WhatsApp and Instagram services.

The tech giants will have to pay this penalty if the regulators agree with Nyob and decide to fine the companies for the full amount, the report added.

Meanwhile, Google assured that it is working in earnest to ensure compliance with the GDPR guidelines. The leading search engine listed the key steps it has taken to comply with the new privacy law. "We build privacy and security into our products from the very earliest stages and are committed to complying with the EU General Data Protection Regulation," a Google spokesperson said.

Facebook also declared its commitment to comply with GDPR rules. "Over the last 18 months, we have taken steps to update our products, policies and processes to provide users with meaningful data transparency and control across all the services that we provide in the EU," Erin Egan, Facebook's chief privacy officer, said in an emailed statement.

GDPR, which came into effect from May 25, provides European Union citizens greater control over their personal information is collected, processed and used online. Contravention of GDPR laws could lead to penalties amounting to either 20 million euros or four percent of their annual turnover.

Europeans were blocked from several US news outlets as a result of this regulation with the rollout of GDPR norms, media reports said. News websites under the Tronc and Lee Enterprises media publishing houses were affected, including New York Daily News, Chicago Tribune, LA Times, Orlando Sentinel and Baltimore Sun, a BBC report said. CNN and New York Times were not affected.