The GDPR (General Data Protection Guideline) regulation comes into force right now, and Facebook and Google are already on the hook.
The GDPR governs how personal data can be collected and used by companies, which accounts for the flood of emails that you may have received today in your inbox. All firms, based in the EU or not must subscribe to the GDPR and operate in accordance with them, or be sanctioned.
noyb.eu is arguing that Facebook and Google are in breach of GDPR simply because they require you to either accept their terms or leave their services, a “take it or leave it approach”.
“The GDPR explicitly allows any data processing that is strictly necessary for the service – but using the data additionally for advertisement or to sell it on needs the users’ free opt-in consent,”, argues noyb.eu argues.
As Facebook or Google require you to consent wholesale to their terms, the group argues that is a violation.
Facebook and Google told the BBC that they had prepared for the GDPR and were dedicated to complying.
“We build privacy and security into our products from the very earliest stages and are committed to complying with the EU General Data Protection Regulation,” said Google in a statement.