How one country blocks the world on data privacy

[InfoSec News <alerts () infosecnews org>]

https://www.politico.com/story/2019/04/24/ireland-data-privacy-1270123

By NICHOLAS VINOCUR
Politico.com
04/24/2019

Last May, Europe imposed new data privacy guidelines that carry the hopes of 
hundreds of millions of people around the world — including in the United 
States — to rein in abuses by big tech companies.

Almost a year later, it’s apparent that the new rules have a significant 
loophole: The designated lead regulator — the tiny nation of Ireland — has yet 
to bring an enforcement action against a big tech firm.

That’s not entirely surprising. Despite its vows to beef up its threadbare 
regulatory apparatus, Ireland has a long history of catering to the very 
companies it is supposed to oversee, having wooed top Silicon Valley firms to 
the Emerald Isle with promises of low taxes, open access to top officials, and 
help securing funds to build glittering new headquarters.

Now, data-privacy experts and regulators in other countries alike are 
questioning Ireland’s commitment to policing imminent privacy concerns like 
Facebook’s reintroduction of facial recognition software and data sharing with 
its recently purchased subsidiary WhatsApp, and Google’s sharing of information 
across its burgeoning number of platforms.

Interviews with scores of privacy experts, data watchdogs, academics and 
regulators in other countries reveal increasing concern that the landmark 
General Data Protection Regulation, the product of years of wrangling with data 
companies, is vulnerable because of the one provision on which the tech 
companies prevailed: That the lead regulator be in the country in which the 
tech firms have their “data controller” – in most cases, Ireland.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_