Title: Big Tech Giants’ Data Protection Fines: An Ineffective Deterrent
In 2023, the tech industry experienced significant milestones. Generative AI went mainstream, companies underwent rebranding, and big tech giants faced substantial fines for data abuse under GDPR. However, recent findings from Swiss privacy firm, Proton, suggest that these fines are merely a drop in the ocean and fail to serve as an effective deterrent for tech giants like Meta, Google, Apple, and Microsoft.
According to Proton, it took just one week into 2024 for these tech giants to accrue enough revenue to pay off all the fines imposed in the previous year. Head of Public Policy & Government Affairs at Proton, Jurgita Miseviciute, highlighted that these fines, although they appear significant, pale in comparison to the revenues generated by these companies. The fines, therefore, do not discourage them from engaging in data abuses.
Proton’s researchers calculated that Google’s parent company, Alphabet, can cover its $941 million fine in just over a day. Similarly, Amazon and Apple can repay their respective fines of $111.7 million and $186.4 million with just a few hours of earnings. Meta, which received a record $1.3 billion fine for mishandling EU user data, managed to accumulate the necessary funds in only five working days.
These findings emphasize that the fines imposed by data regulators are insignificant to tech giants and their business operations. Proton’s CEO, Andy Yen, referred to these fines as pocket change for these companies, enabling them to continue exploiting user data with minimal consequences. In some cases, tech firms may appeal or refuse to pay fines, leading to delayed repayments that span several years.
Ultimately, it is the average consumer who suffers the consequences. With little privacy protection, consumers face higher prices, reduced choice, and constant surveillance. To address these issues, Miseviciute suggests two key changes must occur.
Firstly, governments need to issue fines that have a genuine financial impact in order to challenge tech monopolies. Fines of up to 20% of global revenues, as proposed by the EU’s Digital Market Act, and up to 10% under the UK’s proposed Digital Markets, Competition and Consumers Bill, are steps in the right direction.
However, heavier sanctions alone are insufficient. Regulators must combine fines with enforced behavioral and structural changes to foster true accountability. The EU, equipped with powers gained through the Digital Market Act, is well-positioned to pioneer these measures. There are also positive regulatory developments in major jurisdictions such as the US, South Korea, Japan, and Australia.
Despite some promising progress, 2023 highlighted the lack of comprehensive data protection laws in many countries. The US, for instance, still lacks a federal data protection law, while India’s new privacy law faced criticism for favoring the government and big tech. In the EU, regulations seem to lack the necessary strength to curb tech giants’ data practices effectively.
In this increasingly tech-controlled landscape, individuals still have a choice in using data-hungry products. Numerous companies, like Proton, are developing privacy-first alternatives to big tech software. Proton offers encrypted email services, secure calendar options, cloud storage, a virtual private network app to enhance browsing anonymity, and a password manager tool for secure login details.
Other alternatives include encrypted messaging app Signal and the Mullvad browser. These smaller companies offer consumers the opportunity to prioritize their privacy and data security.
To truly protect user privacy, governments must take meaningful action against tech monopolies through substantial fines and enforce changes in their behavior and structure. Only then can consumers benefit from a marketplace that prioritizes privacy and fosters innovation.
In a world dominated by big tech, it is crucial to implement regulations that put people before profits and safeguard privacy for all.