Skip to Content

GDPR Architect Says She Hardly Got Any Data Privacy Emails

While the world faced a mountain of grating emails about new European Union privacy rules, one of the law’s architects says her inbox barely registered a ripple.

EU Justice Commissioner Vera Jourova, who quit Facebook Inc.’s social network after calling it “a highway for hatred,” says her online presence is so low she barely got any notifications from companies that flooded the inboxes of Europeans in the run-up to the General Data Protection Regulation, or GDPR, taking effect last month.

“I didn’t get so many questions or requirements for consent because obviously I am not so much of a participant in the online world,” she said in a television interview on Bloomberg Markets: Rules & Returns. She hasn’t left all social media and is still using Twitter, “because this is a practical communication tool for me as a politician.”

Jourova decided to close her Facebook social media account long before the revelations this year that the data of as many as 87 million users ended up in the hands of Cambridge Analytica, the consulting firm that worked on Donald Trump’s U.S. presidential campaign. Fed up with being trolled, she decided to close her account already last year, urging companies like Facebook to do more to tackle terrorist content and hate speech.

The EU’s new privacy rules for the first time give regulators across Europe real teeth and the power to levy sanctions of as much as 4 percent of a company’s global annual sales for the most serious violations. Watchdogs are ready to do so, said Jourova, but they will coordinate and apply possible penalties “in a proportionate way.”

What irks Jourova more is that eight EU countries still haven’t adapted their national laws to the new regime. This will create legal uncertainty, she said. The European Commission is working with those countries, but will take action if problems remain.

“The commission has the obligation and the right at the same time, to start an infringement procedure which might happen already this year,” said Jourova.

The new law triggered the biggest mass communications campaign in history at Google as the tech giant — like other organizations from multinationals to schools and libraries –informed its users about how the changes would affect them.

“It’s so large that it’s going to take us a full week to push the notices out worldwide,” Peter Fleischer, Google’s global privacy counsel, told a data protection conference in Berlin in the run up to the May 25 deadline for the sweeping new measures to enter into force.

So far, 12 EU nations have adapted their national laws, while eight others, including Luxembourg, Italy and Spain are expected to do so this month. Belgium, Bulgaria, Cyprus and Hungary are among those expected to take longer, according to the latest EU figures.

This creates issues mainly in those countries and “some kind of legal uncertainty at this moment and that’s why we are pushing them to be ready as soon as possible,” said Jourova.