GDPR is not perfect, but it is one of a kind
Dec 6, 2018
Critics argue that GDPR is unfairly criticized, protecting privacy while facing opposition from tech giants and media industry.
Last month, the long-awaited piece of media legislation, the Global Data Protection Regulation, finally came into effect. This 2016 law gave publishers two years to comply, but it wasn't enough. Many publishers restricted or blocked European users to avoid potential fines. Two main reactions emerged: outrage over inevitable accusations of privacy breaches, and surprise at claims that the GDPR is a tool for governments to create a “Splinternet,” a web that isn't equal for everyone. This seems more like a marketing, PR, and legal maneuver by tech giants to demonize a step towards privacy protection. The attackers of democracy are not only the traditional monopolistic corporations but also trendy, liberal elites across the Western world who are aiding corporations and governments in eroding individual rights.
Consider this: the companies affected by the GDPR are incredibly wealthy. The legislation gives them more work, which means less money for shareholders, the ultimate concern for a large corporation. There's a tacit agreement between the intellectual elite and the media to downplay this fact, leading to press releases that “reinforce commitment to users,” “prioritize the user,” or “make it easier for people to share what they love” (all phrases from actual press releases).
The impact of the GDPR resulted in two things. First, a massive amount of denunciations, criticisms, and lawsuits against digital giants like Google and Facebook. Second, a concern that GDPR creates a “Splinternet,” where people have different access levels to web services and content.
Regarding the first point, it's obvious. Tech giants have lots of money, making legal actions likely, especially if the law's interpretations are flexible enough to challenge their lawyers. But it's difficult. Not that they don't commit infractions, as Facebook made clear during the Cambridge Analytica scandal.
The second point is more complex. The new law was made by politicians, not people-centric institutions, so it should be viewed with suspicion. Governments are authoritarian and will do everything they can to rule freely if not checked by external bodies. So, any opposition to the law (and governments) is not only allowed but also healthy.
However, there's a catch. Most media industry big names criticized the GDPR more than they welcomed it. Criticisms were often short-sighted and sided with businesses over people.
Reports of Splinternets, publishers blocking European users, and other examples rarely mentioned that Facebook would have received the largest fine in digital company history (20% of their global revenue or USD 8 billion) if the Cambridge Analytica case had occurred under the GDPR. American users are much more for sale than European ones. The focus remained on how much money European publishers would lose, or how disadvantaged European users would be with their data more protected. The general sentiment is that GDPR is a problem, not a solution. Protecting users' privacy is not as expensive as many claim - unless you exploit data unethically.
Even if the new legislation creates friction, it's wrong to paint it as a problem, especially using the argument that Europeans are “less free”. The Cambridge Analytica scandal showed that the era of unprotected digital data needs to end. We've always known that we're tracked across the web to serve advertisers. What wasn't clear until now was that companies not only profile us but are also recklessly careless with our data. Stories worse than Cambridge Analytica are mentioned by informed insiders but don't surface due to lack of evidence.
We shouldn't expect any compassion. Laws were originally created to oppress people, dictate taxes, and limit actions. Over time - and much bloodshed - they became a pact between the people of a society that governments would enforce. The European Parliament has passed harmful laws, like the infamous Right to Be Forgotten, but we mustn't conflate issues. The GDPR is a necessary protection against a greater evil, and there's no debate that starts from the argument of “less freedom”. It's a false pretext. The law needs to be challenged, but the discussion should begin the right way and without any marketing BS clouding our screens as if we were ignorant - even if many of us are.