The CJEU ruling grants the supervisory authorities of EU countries the right to initiate criminal proceedings for breaches of the EU General Data Protection Regulation (GDPR) in some certain circumstances.
The verdict could pave the way for data privacy watchdogs in the EU to take legal action against EU-based US tech giants such as Google, Twitter and Apple. The CJEU judgment came after a Belgian court petitioned Facebook for its failure to comply with the Belgian data protection watchdog’s decision to ban it from tracking users in the country.
Earlier, the EU and the US hoped to reach an agreement to allow for the maintenance of the transatlantic transfer of personal data, replacing the old one rejected by the CJEU. US tech giants such as Facebook, Google, Microsoft and many others are also looking forward to the deal to prevent legal hurdles for data transfers following the EU’s adoption of the GDPR in 2018.
The new regulations will give users more discretion with their personal data, while regulators also have more authority to deal with violators, with possible fines of up to 4% of their global revenue in a year.
In addition, the EU recently asked major technology firms to prevent fake news, to give authorities easier access to the algorithms they use, as well as to step up data verification.
This is part of the EU’s efforts to strengthen the code of conduct against fake information, which has been put in place since 2018, after it was reported many technology platforms were aiding the spread of fake news influencing the results of the US presidential election and the EU referendum on Brexit in 2016. Big tech firms, such as Google, Facebook, Twitter, and Microsoft, joined the code in 2018, while some other companies in the advertising sector began their participation in 2020.
In the context of COVID-19 developing and fake news about the pandemic spreading on social networking platforms, the European Commission (EC) wants the signatories to make more commitments. Voluntary as the commitments are, companies are under huge pressure to make these, as the EU is preparing to implement the Digital Services Act (DSA), which allows countries to impose fines on companies that are not aggressive in preventing fake news.
EC Vice President Vera Jourova called on the EU to establish a stricter and more detailed code of conduct to “eradicate” all profiteering activities based on disinformation. The DSA requires messaging platforms, such as Facebook’s WhatsApp, to jointly commit to preventing fake news, and providing regular reports on the effectiveness of the measures being taken.
These proposals will be up for discussion by the EC with the signatories to the code of conduct. If put into effect from the beginning of 2022, they will hand the EU unprecedented authority in shaping the way tech giants operate in Europe.
In addition to tightening the supervision over foreign tech firms’ activities, the EU has also opened antitrust investigations into the use of user data in the online advertising market and in oppressing rivals. The European Commissioner for Competition recently launched the first antitrust investigation against Facebook - the world’s no. 1 social network provider, and is conducting similar investigations with Amazon and Apple. Previously, Alphabet, the parent company of Google, had to pay a fine of nearly US$10 billion.
With increasingly clear and stricter legal regulations from the EU, it can be seen that the transatlantic relationship in the area of technology is facing multiple challenges. It is forecast that US tech giants may have to change their business models and pay large fines if they show a lack of cooperation and do not comply with the EU regulations.
At the recent EU-US Summit, the two sides made reconciliation efforts to promptly bring bilateral relations back to the old normal. It is hoped the EU’s legal action against the technology corporations as mentioned above will not hinder the normalisation of relations between the two sides of the Atlantic.