Apple, Amazon and Google Also Are Bracing for Privacy Regulations
We are finally waking up to the fact that we aren’t merely “the product” of companies like Facebook Inc. and Alphabet Inc.’s Google. As one Silicon Valley investor put it, we are their fuel.
At least our personal data is: Every week, it seems, we are treated to fresh revelations of hacks, leaks and exploitation of our information, along with ever louder cries for regulation and consumer protection, in the U.S. and Europe.
What is less appreciated is the degree to which Apple Inc. and Amazon.com Inc.—which must maintain a direct relationship with their paying customers—could also be affected, both for good and for ill. (Another tech giant, Microsoft Corp. , hasn’t played as big a role in the smartphone revolution and hasn’t seen similar growth, but it too must comply with forthcoming regulation.)
The past decade saw an explosion in revenue and value for these four companies sufficient to put them atop the global economy. But the laissez-faire environment in which they have operated is for the first time plausibly coming to an end.
Facebook is the lightning rod: Across the political spectrum, statements by public figures and recent surveys reveal Americans are suddenly more concerned about the power of Facebook. Possibilities that seemed remote just six months ago, such as action by state attorneys general, are now reality. Missouri’s AG is demanding Facebook say which political campaigns paid for users’ personal data and whether users were notified.
In Europe, strict privacy regulations known as the General Data Protection Regulation come into force on May 25.
GDPR is designed to include penalties that are “effective and dissuasive.” Depending on the offense—including mishandling of personal data, failure to exclude children from age-inappropriate services or content and many others—fines can be as high as 4% of a company’s global revenue. Based on 2017 revenue, for Facebook that could be $1.6 billion.
And as GDPR rules could cover EU citizens no matter where they live or travel, multinational companies may not be able to simply fence off their services geographically. Facebook Chief Executive Mark Zuckerberg recently said his company is working on extending GDPR protections to every user.
Mr. Zuckerberg also recently said that regulation of companies like Facebook is inevitable, and that he supports mandating that internet companies label political advertising, something the company has already pledged to do.
This is on top of the EU’s parallel effort to force U.S. tech giants to change how their services work on antitrust grounds, which is inspiring lawmakers in the U.S.