In context: Few pieces of legislation have forced tech companies to take the privacy of their users' data seriously more than the EU's General Data Protection Regulation, better known as the GDPR. Among other things, the GDPR -- via a clause known as the "Right to Access" -- requires tech companies to provide users with all of the data that's been collected about them on request.
So far, most major international corporations have created automated systems that allow this to occur, but it seems that may not be quite good enough for some privacy advocates.
Privacy group noyb, headed up by Max Schrems, has filed numerous complaints against YouTube, Netflix, Spotify, Apple, Amazon, and more.
Schrems alleges that the companies either failed to comply with Right to Access rules entirely by ignoring requests for data or failed to provide required background information regarding how the data is used and who it's been shared with.
...Schrems is undoubtedly hoping the EU will put its money where its mouth is, and prove that the GDPR isn't a toothless piece of legislation.
By filing these complaints, Schrems is undoubtedly hoping the EU will put its money where its mouth is, and prove that the GDPR isn't a toothless piece of legislation.
In theory, if regulators do find that the companies in question have run afoul of the GDPR, the fines can get pretty high. According to noyb's complaint summary, Amazon (to name one example) could get hit with a maximum penalty of $8.02 billion.
We'll be monitoring this story moving forward, and we'll let you know if any of the companies targeted by Schrems' complaints issue any official statements.
