Zuckerberg: Facebook will not make GDPR its global privacy standard
- Facebook will not extend privacy standards for the EU's General Data Protection Regulation (GDPR) across its platform worldwide. Instead, the company will be working on its global version, which will be "in spirit" with GDPR, Mark Zuckerberg said to Reuters.
- The social media company's founder and CEO did not specify which parts of GDPR the would not be applied worldwide.
- Many key tenants of GDPR, such as users' right to erasure, are already features of Facebook, and the majority of the data regulation has been a Facebook practice for years worldwide, according to Zuckerberg.
Zuckerberg's comments have come at a time when Facebook is still embroiled in the Cambridge Analytica scandal and under fire for not protecting users' data. Zuckerberg is set to testify before the House Energy and Commerce Committee next week.
While many companies are not expected to be in full compliance by the May 25 deadline, Zuckerberg's comments come in contrast to the compliance commitments of most large technology companies. Data of EU citizens and data that passes through the EU is subject to GDPR. In a highly interconnected, digital world it is difficult to confine the upcoming regulation to geographic boundaries.
Even in the U.S., where doubt that the strict regulation would apply to domestic companies persisted for a long time, by this point most companies and leadership have come to the understanding that compliance is necessary for their organization and started a path to compliance.
For many companies, the internal changes to data processing and handling required to be GDPR compliant are not easily segmented to a single region of business or a subset of individuals.
Google, like Facebook, is dependent on ad revenue and the use of personal data to tailor advertising but is embracing GDPR compliance on a more global scale. Last week, the company updated its ad policies for advertisers and publishers, refining user consent requirements, requiring consent records and clear paths to erasure from publishers and committing to a tool for non-personalized ads for users who don't give consent for their personal data.
Follow Alex Hickey on Twitter