The EU Is About to Take a Bigger Stick to Big Tech
A new auditing regime should make harder to give Meta, Google and Amazon an easy ride on data protection.
It’s well established that the European Union has some of the strictest privacy laws in the world, threatening fines of up to 4% of a company’s annual turnover. A lesser-known fact, and one which large tech firms would like to keep quiet, is that the EU hasn’t enforced those rules very strictly.
Since introducing its landmark privacy law known as General Data Protection Regulation (GDPR) in 2018, the EU has delegated the job of policing Big Tech to the nations where the firms have their European headquarters. That puts enormous pressure on countries like Ireland, which hosts several large internet firms that have frequently been accused of flouting privacy law, including Meta Platforms Inc. Ireland has issued roughly 1 billion euros ($1.1 billion) worth of fines against Meta alone in the past five months, but the penalties took years to come about and, in the latest case, Ireland was forced by its European peers to significantly raise it. Ireland has long been a bottleneck for the EU’s enforcement because of the slow pace with which it has processed cases and its relatively business-friendly interpretation of GDPR rules.