https://www.politico.com/story/2019/04/24/ireland-data-privacy-1270123
By NICHOLAS VINOCUR
Politico.com
04/24/2019
Last May, Europe imposed new data privacy guidelines that carry the hopes of
hundreds of millions of people around the world — including in the United
States — to rein in abuses by big tech companies.
Almost a year later, it’s apparent that the new rules have a significant
loophole: The designated lead regulator — the tiny nation of Ireland — has yet
to bring an enforcement action against a big tech firm.
That’s not entirely surprising. Despite its vows to beef up its threadbare
regulatory apparatus, Ireland has a long history of catering to the very
companies it is supposed to oversee, having wooed top Silicon Valley firms to
the Emerald Isle with promises of low taxes, open access to top officials, and
help securing funds to build glittering new headquarters.
Now, data-privacy experts and regulators in other countries alike are
questioning Ireland’s commitment to policing imminent privacy concerns like
Facebook’s reintroduction of facial recognition software and data sharing with
its recently purchased subsidiary WhatsApp, and Google’s sharing of information
across its burgeoning number of platforms.
Interviews with scores of privacy experts, data watchdogs, academics and
regulators in other countries reveal increasing concern that the landmark
General Data Protection Regulation, the product of years of wrangling with data
companies, is vulnerable because of the one provision on which the tech
companies prevailed: That the lead regulator be in the country in which the
tech firms have their “data controller” – in most cases, Ireland.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
