No one said protecting the privacy of 2.2 billion people who use a public social network was going to be easy. Indeed, even Facebook CEO Mark Zuckerberg described the task at hand as “complicated” and “complex” while apologizing for not doing enough to protect the personal data of its users.
Therefore, it should come as welcomed news that Facebook has promised to fully comply with the European Union’s new General Data Protection Regulations when they go into effect next month, right?
Not so fast. While Facebook’s approximately 400 million European users will gain unpreceded levels of transparency, protection and control of data collected about them as mandated by GDPR, Facebook CEO Mark Zuckerberg has indicated that users outside of the EU may not be given all the same data privacy tools available to Europeans. This stands in stark contrast to companies like Apple that understand we value our privacy as highly as they do our data and have pledged to give people in the United States and elsewhere the same protections and rights that Europeans will gain through GDPR.
That Facebook has the ability to protect its European users in compliance with GDPR yet chooses not to extend all those same protections to all its users around the world suggests that data privacy is only important to Facebook when it is forced to make it important. Governments around the world should take note and impose GDPR-like regulations of their own because companies like Facebook have proven time and time again that they cannot be trusted with our most sensitive information.
No longer can we accept Zuckerberg’s apologies for past sins and wait for him to figure out how to control the world’s largest social network that he created. The time has come for people around the world to demand from Facebook and other companies the same data protection rights granted to the citizens of the EU in exchange for our loyalty. It’s time for #GDPRforAll.
Suni Munshani is the CEO of Protegrity, a provider of enterprise data-centric security solutions.