Facebook Complies With GDPR, U.K. Warns Firms Not Ready

At an event in Brussels this week, Facebook COO Sheryl Sandberg announced that the social platform plans to introduce major privacy changes later this year. Facebook will roll out a global privacy settings hub for individuals to manage their data as part of an effort to comply with the European Union’s upcoming General Data Protection Regulation (GDPR), “which aims to simplify data protection laws and provide citizens across all member states with more control over their personal data,” reports ZDNet. Meanwhile, the U.K. government has issued “a warning over businesses’ lack of preparation for the change.”

“We’re rolling out a new privacy center globally that will put the core privacy settings for Facebook in one place and make it much easier for people to manage their data,” said Sandberg in Brussels on Tuesday, as reported by Reuters.


Last year, Facebook explained it had assembled a cross functional team of its companies to work on GDPR compliance. “From May 25 this year, the updated privacy framework will apply across the 28 Member State bloc — and any multinationals processing European citizens’ personal data will need to ensure they are compliant,” notes TechCrunch. “Not least because the regulation includes beefed up liabilities for companies that fail to meet its standards.”

Financial motivation for compliance is significant. Penalties under the new regulation can reach 4 percent of a company’s annual global turnover, which could exceed a billion dollars in Facebook’s case.

“Our apps have long been focused on giving people transparency and control and this gives us a very good foundation to meet all the requirements of the GDPR and to spur us on to continue investing in products and in educational tools to protect privacy,” Sandberg added.

According to Reuters, “Sandberg said Facebook had not done enough to stop the abuse of its platform and would double the number of people working on safety and security to 20,000 by the end of the year.”

Despite the significant financial risks in not complying with GDPR when it takes effect in May, a survey by the U.K government has found that many companies and organizations are not properly prepared or aware of the new legislation.

“Only one in four businesses in the construction sector are said to be aware of GDPR and awareness in manufacturing is also low,” reports ZDNet. “Meanwhile, the finance and insurance sectors are said to have the highest awareness of the incoming security legislation.” However, the report indicates that overall, “just under half of businesses — including a third of charities — have made changes to their cybersecurity policies as a result of GDPR.”

For those interested in more details about GDPR, TechCrunch has published a primer.