Facebook founder Mark Zuckerberg agrees with sweeping new protections for internet users in Europe “in spirit,” according to Reuters. But he won’t commit, he said during the same interview, to holding the social giant he built accountable to the same rules elsewhere in the world.
The General Data Protection Regulation (GDPR) will give European internet users the right to know what information tech companies have stored about them, and to request that it be deleted — protections that greatly exceed those currently afforded to users elsewhere in the world, including the United States.
If the tech giants don't voluntarily comply with the new regulations across their entire use base, the GDPR could force their hand. David Carroll, a professor at the Parsons School of Design and a privacy advocate, is suing Cambridge Analytica to provide a copy of the file it assembled about him, on the grounds that the data was processed in the U.K. If he is able to prove he is a subject of the U.K. on this basis, Facebook and other companies may have to treat their other users as such, too.
The GDPR will take effect in late May, coming on the heels of a tumultuous spring for Facebook. It’s emerged this year not only that Russian political operatives used the platform to spread propaganda in an effort to disrupt the 2016 presidential election, but also that a consulting firm called Cambridge Analytica — itself linked to Donald Trump’s presidential campaign — collected personal details of tens of millions of users without their knowledge or consent.
As it’s become more clear how storehouses of user data can be used to spread havoc and violate privacy, advocates have pushed for tech companies to use the GDPR as a blueprint for privacy protections for users across the world.