Google, Facebook, Instagram and WhatsApp have been hit with a privacy complaint within hours of GDPR taking effect Friday.
Privacy-advocacy group Noyb.eu said all four companies are forcing people to adopt a “take it or leave it” approach with regard to privacy — essentially demanding that users submit to intrusive terms of service.
The group is run by Austrian data privacy activist Max Schrems, who compared that choice to a “North Korean election process.”
“Tons of ‘consent boxes’ popped up online or in applications, often combined with a threat, that the service cannot longer be used if user [does] not consent,” his group said in a statement.
GDPR, short for General Data Protection Regulation, is designed to give European Union citizens greater control over how their information is used online. It kicked in Friday, after a two-year transitional period, and its effect was immediate. For example, Europeans were blocked from several US news outlets Friday as a result of the regulation.
Google has said it’s taken key steps to ensure compliance ahead of the new law coming into effect.
“We build privacy and security into our products from the very earliest stages and are committed to complying with the EU General Data Protection Regulation,” a Google spokesperson said in a statement responding to the complaint, which also noted its blog post on GDPR.
Facebook, which also owns Instagram and WhatsApp, said that the company has prepared itself to meet the requirements of the GDPR.
“Over the last 18 months, we have taken steps to update our products, policies and processes to provide users with meaningful data transparency and control across all the services that we provide in the EU,” Erin Egan, Facebook’s chief privacy officer, said in an emailed statement.
Companies that are found to be violating the privacy law can face steep fines.