Ireland's Data Protection Commissioner Helen Dixon has hit back at “ludicrous” comments from critics who complain her office has been too slow to rein in companies, including Facebook.
Just because someone resorts to social media to flag a possible breach of privacy law doesn’t mean her office should instantly “write up a letter and fine a company” , Ms Dixon said in an interview with Bloomberg.
“There’s far too much encouraging and setting of an expectation” that action should immediately follow “because somebody tweets that something is an infringement”, she said. “There has to be an end to the encouraging of superficial commentary.”
Ms Dixon’s agency has 27 privacy probes open targeting Apple, Google and other tech companies that have set up an EU hub in Ireland, according to the 2020 annual report published on Thursday. Facebook accounts for nine of these investigations and more are pending into its WhatsApp and Instagram units.
The workload has sparked criticism that the authority is too slow to take action. Noyb, a group set up by privacy activist Max Schrems, called on EU authorities last year to “take action” against the Irish Data Protection Commission over its failure to issue any significant fines since the EU’s General Data Protection Regulation took effect in 2018.
GDPR empowered EU data regulators to levy penalties of as much as 4% of a company’s annual revenue for the most serious violations. The Data Protection Commission in December issued the first fine in one of its big tech probes, slapping Twitter with a penalty of €450,000.
Part of the problem is that all of the agency’s pending cases targeting tech giants have EU-wide effects, meaning any decision has to be approved by Ms Dixon’s colleagues in the bloc’s other 26 nations. That can take months.
One of two pending probes into WhatsApp, that looks at a possible lack of transparency around data-sharing, could be concluded soon. Ms Dixon said her team already sent a draft decision for review and is now going through the objections and feedback she got from other EU watchdogs.
Other probes into Facebook, Instagram and WhatsApp could be up next, she said. TikTok was added in December to the long list of big tech companies the regulator has to monitor. Authorities that had already started probes into TikTok said they would hand them over, but this hasn’t happened yet, Ms Dixon said.
“We’re looking closely with TikTok at the legal bases they rely on to process children’s data and the measures they have in place to identify children on their platform” and to protect their data, she said.