The European Union’s new data protection laws came into effect on Friday, with Brussels saying the changes will protect consumers from being like “people naked in an aquarium.”
The EU’s so-called General Data Protection Regulation (GDPR) has been blamed for a flood of spam emails and messages in recent weeks as firms rush to request the explicit consent of users to contact them.
Even though the rules were officially adopted two years ago, with a grace period until now to adapt to them, companies have been slow to act, resulting in a last-minute scramble this week.
Britain’s data protection watchdog, the Information Commissioner’s Office (ICO), said that its site had experienced “a few interruptions” as the deadline loomed, but said that “everything is working now.”
Brussels insists that the laws will become a global benchmark for the protection of people’s online information, particularly in the wake of the Facebook data harvesting scandal.
“The new rules will put the Europeans back in control of their data,” said EU Justice Commissioner Vera Jourova.
“When it comes to personal data today, people are naked in an aquarium.”
Companies can be fined up to 20 million euros ($24 million) or four percent of annual global turnover for breaching the strict new data rules for the EU, a market of 500 million people.
The law establishes the key principle that individuals must explicitly grant permission for their data to be used.
The new EU law also establishes consumers’ “right to know” who is processing their information and what it will be used for.
People will be able to block the processing of their data for commercial reasons and even have data deleted under the “right to be forgotten.”
Parents will decide for children until they reach the age of consent, which member states will set anywhere between 13 and 16 years old.
The case for the new rules has been boosted by the recent scandal over the harvesting of Facebook users’ data by Cambridge Analytica, a US-British political research firm, for the 2016 US presidential election.
The breach affected 87 million users, but Facebook said Wednesday it has found no evidence that any data from Europeans were sold to Cambridge Analytica.