The draft of the regulation proposes that companies that fail to adhere to the aforementioned laws as well as the ones regarding data breach notifications could be ordered to pay fines as high as 2% of their global revenue, Computerworld reports.
Facebook insists that faced with this, companies will resort to starting court battles that could end up costing EU states quite a lot.
"The high level of potential sanctions for breaches of the regulation risks turning relations between companies and regulators into a combative one, and may undermine the incentive of internet companies to invest in the EU," Facebook claims and adds that they are concerned that these fines could have an extremely negative impact on innovation and associated job creation among internet service companies.
"This could be a major blow for the European Union given that the internet sector is widely recognised as the major driver of job creation and growth in an otherwise moribund economic environment," they pointed out.
"Moreover, it should be borne in mind that the level of potential sanctions might create a disincentive for open engagement by companies with regulators…A regime that threatens businesses with such heavy fines would imperil this cooperation and drive people away from an open relationship with the Data Protection Agencies. Ultimately this will not deliver privacy benefits as effectively as a less litigious model…"
I definitely don't blame Facebook for trying to do everything it can to derail the proposed legislation, and I believe that they may succeed in getting it changed so that it includes smaller fines.
Still, I find it depressing that fines of these kind are often not large enough to make the majority of big companies pass on the opportunities that might lead to their paying.