{"id":11221,"date":"2019-06-01T09:00:10","date_gmt":"2019-06-01T16:00:10","guid":{"rendered":"https:\/\/www.privateinternetaccess.com\/blog\/?p=11221"},"modified":"2021-11-17T08:33:27","modified_gmt":"2021-11-17T16:33:27","slug":"general-data-protection-regulation-one-year-on-what-has-it-done","status":"publish","type":"post","link":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/","title":{"rendered":"General Data Protection Regulation one year on: what has it done?"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">A year ago, arguably the most important event in the recent history of privacy occurred: the EU\u2019s <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/?s=gdpr\">General Data Protection Regulation<\/a> (GDPR) started to be enforced. To mark that anniversary Privacy News Online will look at what the GDPR has achieved in its first 12 months, and what is likely to happen next.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The GDPR is a long, complex text, usefully summarized in <a href=\"https:\/\/www.accessnow.org\/wp-content\/uploads\/2018\/07\/GDPR-User-Guide_digital.pdf\">a short guide from Access Now<\/a>. The <a href=\"https:\/\/www.edpb.europa.eu\/about-edpb\/about-edpb\/who-we-are_en\">European Data Protection Board<\/a>, which works to ensure the consistent application of data protection rules throughout the European Union, and encourages cooperation between the EU\u2019s national data protection authorities, has released some <a href=\"https:\/\/www.edpb.europa.eu\/news\/news\/2019\/1-year-gdpr-taking-stock_en\">statistics about the GDPR\u2019s first year<\/a>. There have been over 144,000 queries and complaints, and over 89,000 data breaches have been logged, of which 63% have been closed and 37% are still underway. The vast majority of these queries and complaints are minor, with few if any broader implications. Major GDPR fines, too, have been limited. However, as Privacy News Online has previously reported, there have already been some very significant GDPR moves that will shape the regulatory environment in the EU and beyond.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For example, just six minutes after the enforcement of GDPR began on 25 May last year, the Austrian data protection authority received <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/why-did-privacy-expert-max-schrems-immediately-file-gdpr-complaints-against-google-and-facebook-and-will-he-win\/\">the first complaint under the new law<\/a>, from the privacy expert Max Schrems. It concerned the use of \u201cforced consent\u201d by Google and Facebook. This refers to the practice of offering two basic choices to users of an online service: agree to be tracked for the purposes of serving up ads, or be thrown off the service. That case is still being considered, but clearly could have a major impact on how online services operate.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In September, a formal complaint was submitted to the data protection authorities in the UK and in Ireland, asking them to investigate <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/call-for-gdpr-investigation-that-could-kill-todays-real-time-bidding-system-for-online-ads\/\">the use of real-time bidding systems<\/a> by Google and other ad-tech companies. <a href=\"https:\/\/fixad.tech\/ad-tech-gdpr-complaint-is-extended-to-five-more-european-regulators\/\">The complaint was recently widened<\/a> to include four more countries. Real-time bidding lies at the heart of today\u2019s automated advertising systems, so a ruling against Google and the other ad-tech companies would have massive repercussions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At the end of 2018, the UK-based digital rights group Privacy International filed <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/targeted-advertising-and-real-time-bidding-under-serious-threat-from-eus-gdpr\/\">GDPR complaints against data brokers<\/a> (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Again, a victory here would force a radical change in the way people advertise. The same month, seven consumer organizations from across Europe <a href=\"https:\/\/www.forbrukerradet.no\/side\/google-manipulates-users-into-constant-tracking\/\">filed GDPR complaints against Google<\/a> with their national data protection authorities. They accuse Google of \u201cusing deceptive design and misleading information, which results in users accepting to be constantly tracked\u201d.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In February of this year, <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/google-hit-with-first-gdpr-fine-over-forced-consent-eight-new-complaints-filed-over-right-to-access\/\">the first big GDPR fine arrived<\/a>, as a result of the Max Schrems complaint. Google was ordered to pay 50 million euros by the French data protection authorities. At the same time, Schrems filed another eight complaints against top online streaming services: Amazon Prime, Apple Music, DAZN, Flimmit, Netflix, SoundCloud, Spotify and YouTube. At issue is the new \u201cright to access\u201d granted by the GDPR.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Recently, the local German data protection authority in Bavaria issued <a href=\"https:\/\/netzpolitik.org\/2019\/facebook-custom-audience-illegal-without-explicit-user-consent-bavarian-dpa-rules\/\">an important ruling against Facebook<\/a>. Kristin Benedikt, head of the Internet division at the Bavarian Data Protection Authority, explained the problem to the German online site Netzpolitik:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>When an online pharmacy or an online sex shop shares their customer list with Facebook, we cannot rule out that this reveals sensitive data. The same applies when someone visits the online shop of a political party or subscribes one of their newsletters. In all of these instances custom audiences reveal granular insights. Facebook adds this information to existing profiles and continues to use it, without notifying users or giving them a chance to object.<\/p><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Moreover, Benedikt believes the ruling also applies to two arguably even more important aspects of Facebook: Lookalike Audience and the Facebook Pixel. Lookalike Audience allows advertisers to reach people with similar Facebook profiles to those in their own databases. The Facebook Pixel is an invisible single-pixel that is placed on a Web page to track visitors to that and other sites, and thus build up detailed profiles by consolidating information about them on Facebook\u2019s main database. Benedikt said:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>In our opinion usage of the pixel method also requires user consent in order to be permissible. Data processing under the pixel method is particularly extensive, tracking users across different websites and devices. This also applies to non-Facebook users. For users visiting a website tracking is neither expectable nor recognizable. Only those who are technically sophisticated can detect data processing in the background. This is neither transparent nor does the user have a real choice here.<\/p><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Although this is a local German decision, it is likely that other EU authorities will look at the issue and rule in a similar way if cases are brought in their jurisdictions. If confirmed, it would drastically affect Facebook\u2019s business in the EU.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A little-noticed GDPR ruling in Poland could also have a major impact. It concerns the European digital marketing company Bisnode, which gathers information about people from a wide variety of sources. The Polish data protection agency ruled that <a href=\"https:\/\/techcrunch.com\/2019\/03\/30\/covert-data-scraping-on-watch-as-eu-dpa-lays-down-radical-gdpr-red-line\/\">it could not re-use information in this way<\/a> without individually contacting everyone concerned. Bisnode argued that this would be an disproportionate burden on the company, since it would cost millions of euros to carry out. <a href=\"https:\/\/www.prawo.pl\/biznes\/kogo-ukaral-uodo-za-naruszenie-rodo,391858.html\">A local newspaper report on the case<\/a> suggests that the company will appeal against the 220,000 euro fine, and delete records of people that it cannot easily contact. If upheld, this ruling would make the practice of data-scraping much more expensive in the EU.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The introduction of the GDPR has had other, rather unexpected, applications. For example, <a href=\"https:\/\/www.businessinsider.com\/prince-harry-beat-paparazzi-using-gdpr-law-new-royal-weapon-vs-media-2019-5?r=DE&amp;IR=T\">Prince Harry\u2019s lawyers invoked the GDPR<\/a> to argue that a helicopter taking pictures inside his home had invaded his privacy. Meanwhile, in Romania, the GDPR was used for a less welcome purpose: <a href=\"https:\/\/gdprhub.eu\/gdpr-misuse-in-romania-independence-of-dpa-and-transparency-keywords-or-buzzwords\/\">to demand information about sources<\/a> from an investigative journalist. That\u2019s certainly not what those who drew up the GDPR had in mind, but it\u2019s inevitable that people will try to abuse new powers when they become available.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As the above indicates, there have been many interesting developments in the world of the GDPR during its first twelve months, with rulings that have been made, and others still under consideration. Next week\u2019s post will explore what is likely to happen in the GDPR\u2019s second year.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Featured image by <a href=\"https:\/\/pixabay.com\/illustrations\/gdpr-data-protection-privacy-3438462\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Pete Linforth<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A year ago, arguably the most important event in the recent history of privacy occurred: the EU\u2019s General Data Protection Regulation (GDPR) started to be enforced. To mark that anniversary Privacy News Online will look at what the GDPR has achieved in its first 12 months, and what is likely to happen next. The GDPR &hellip; <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;General Data Protection Regulation one year on: what has it done?&#8221;<\/span><\/a><\/p>\n","protected":false},"author":20,"featured_media":11232,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_stopmodifiedupdate":true,"_modified_date":"","footnotes":""},"categories":[1,130,1941],"tags":[1482,200,104,485,74,681,916,1483],"class_list":["post-11221","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-governments","category-surveillance","tag-data-scraping","tag-eu","tag-facebook","tag-gdpr","tag-google","tag-max-schrems","tag-real-time-bidding","tag-tracking-pixel"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.9 (Yoast SEO v26.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>General Data Protection Regulation one year on: what has it done?<\/title>\n<meta name=\"description\" content=\"A year ago, arguably the most important event in the recent history of privacy occurred: the EU&#039;s General Data Protection Regulation (GDPR) started to be\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"General Data Protection Regulation one year on: what has it done?\" \/>\n<meta property=\"og:description\" content=\"A year ago, arguably the most important event in the recent history of privacy occurred: the EU&#039;s General Data Protection Regulation (GDPR) started to be\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\" \/>\n<meta property=\"og:site_name\" content=\"PIA\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/privateinternetaccess\/\" \/>\n<meta property=\"article:published_time\" content=\"2019-06-01T16:00:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-17T16:33:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1258\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Glyn Moody\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@http:\/\/twitter.com\/glynmoody\" \/>\n<meta name=\"twitter:site\" content=\"@buyvpnservice\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Glyn Moody\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\"},\"author\":{\"name\":\"Glyn Moody\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/99ba810662cdf92245f61106c0c29775\"},\"headline\":\"General Data Protection Regulation one year on: what has it done?\",\"datePublished\":\"2019-06-01T16:00:10+00:00\",\"dateModified\":\"2021-11-17T16:33:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\"},\"wordCount\":1078,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg\",\"keywords\":[\"data scraping\",\"EU\",\"Facebook\",\"gdpr\",\"google\",\"max schrems\",\"real-time bidding\",\"tracking pixel\"],\"articleSection\":[\"General Privacy News\",\"Governments\",\"Surveillance\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\",\"name\":\"General Data Protection Regulation one year on: what has it done?\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg\",\"datePublished\":\"2019-06-01T16:00:10+00:00\",\"dateModified\":\"2021-11-17T16:33:27+00:00\",\"description\":\"A year ago, arguably the most important event in the recent history of privacy occurred: the EU's General Data Protection Regulation (GDPR) started to be\",\"breadcrumb\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg\",\"contentUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg\",\"width\":1920,\"height\":1258},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.privateinternetaccess.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"General Data Protection Regulation one year on: what has it done?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"name\":\"PIA\",\"description\":\"Online privacy news from around the world.\",\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\",\"name\":\"Private Internet Access\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"contentUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"width\":1200,\"height\":1200,\"caption\":\"Private Internet Access\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/privateinternetaccess\/\",\"https:\/\/x.com\/buyvpnservice\",\"https:\/\/www.instagram.com\/piavpn\/\",\"https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/99ba810662cdf92245f61106c0c29775\",\"name\":\"Glyn Moody\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/220b7317aa40ea679b23b79c368761eb6fd45039d978354b06dc7683a812d2fc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/220b7317aa40ea679b23b79c368761eb6fd45039d978354b06dc7683a812d2fc?s=96&d=mm&r=g\",\"caption\":\"Glyn Moody\"},\"description\":\"Glyn Moody is a freelance journalist who writes and speaks about privacy, surveillance, digital rights, open source, copyright, patents and general policy issues involving digital technology. He started covering the business use of the Internet in 1994, and wrote the first mainstream feature about Linux, which appeared in Wired in August 1997. His book, \\\"Rebel Code,\\\" is the first and only detailed history of the rise of open source, while his subsequent work, \\\"The Digital Code of Life,\\\" explores bioinformatics - the intersection of computing with genomics.\",\"sameAs\":[\"http:\/\/opendotdotdot.blogspot.com\/\",\"https:\/\/www.linkedin.com\/in\/glynmoody\/\",\"https:\/\/x.com\/http:\/\/twitter.com\/glynmoody\"],\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/author\/glynmoody\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"General Data Protection Regulation one year on: what has it done?","description":"A year ago, arguably the most important event in the recent history of privacy occurred: the EU's General Data Protection Regulation (GDPR) started to be","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/","og_locale":"en_US","og_type":"article","og_title":"General Data Protection Regulation one year on: what has it done?","og_description":"A year ago, arguably the most important event in the recent history of privacy occurred: the EU's General Data Protection Regulation (GDPR) started to be","og_url":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/","og_site_name":"PIA","article_publisher":"https:\/\/www.facebook.com\/privateinternetaccess\/","article_published_time":"2019-06-01T16:00:10+00:00","article_modified_time":"2021-11-17T16:33:27+00:00","og_image":[{"width":1920,"height":1258,"url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg","type":"image\/jpeg"}],"author":"Glyn Moody","twitter_card":"summary_large_image","twitter_creator":"@http:\/\/twitter.com\/glynmoody","twitter_site":"@buyvpnservice","twitter_misc":{"Written by":"Glyn Moody","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#article","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/"},"author":{"name":"Glyn Moody","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/99ba810662cdf92245f61106c0c29775"},"headline":"General Data Protection Regulation one year on: what has it done?","datePublished":"2019-06-01T16:00:10+00:00","dateModified":"2021-11-17T16:33:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/"},"wordCount":1078,"commentCount":0,"publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage"},"thumbnailUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg","keywords":["data scraping","EU","Facebook","gdpr","google","max schrems","real-time bidding","tracking pixel"],"articleSection":["General Privacy News","Governments","Surveillance"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/","name":"General Data Protection Regulation one year on: what has it done?","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage"},"thumbnailUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg","datePublished":"2019-06-01T16:00:10+00:00","dateModified":"2021-11-17T16:33:27+00:00","description":"A year ago, arguably the most important event in the recent history of privacy occurred: the EU's General Data Protection Regulation (GDPR) started to be","breadcrumb":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#primaryimage","url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg","contentUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2019\/05\/gdpr.jpg","width":1920,"height":1258},{"@type":"BreadcrumbList","@id":"https:\/\/www.privateinternetaccess.com\/blog\/general-data-protection-regulation-one-year-on-what-has-it-done\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.privateinternetaccess.com\/blog\/"},{"@type":"ListItem","position":2,"name":"General Data Protection Regulation one year on: what has it done?"}]},{"@type":"WebSite","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website","url":"https:\/\/www.privateinternetaccess.com\/blog\/","name":"PIA","description":"Online privacy news from around the world.","publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization","name":"Private Internet Access","url":"https:\/\/www.privateinternetaccess.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","contentUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","width":1200,"height":1200,"caption":"Private Internet Access"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/privateinternetaccess\/","https:\/\/x.com\/buyvpnservice","https:\/\/www.instagram.com\/piavpn\/","https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w"]},{"@type":"Person","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/99ba810662cdf92245f61106c0c29775","name":"Glyn Moody","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/220b7317aa40ea679b23b79c368761eb6fd45039d978354b06dc7683a812d2fc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/220b7317aa40ea679b23b79c368761eb6fd45039d978354b06dc7683a812d2fc?s=96&d=mm&r=g","caption":"Glyn Moody"},"description":"Glyn Moody is a freelance journalist who writes and speaks about privacy, surveillance, digital rights, open source, copyright, patents and general policy issues involving digital technology. He started covering the business use of the Internet in 1994, and wrote the first mainstream feature about Linux, which appeared in Wired in August 1997. His book, \"Rebel Code,\" is the first and only detailed history of the rise of open source, while his subsequent work, \"The Digital Code of Life,\" explores bioinformatics - the intersection of computing with genomics.","sameAs":["http:\/\/opendotdotdot.blogspot.com\/","https:\/\/www.linkedin.com\/in\/glynmoody\/","https:\/\/x.com\/http:\/\/twitter.com\/glynmoody"],"url":"https:\/\/www.privateinternetaccess.com\/blog\/author\/glynmoody\/"}]}},"_links":{"self":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/11221","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/comments?post=11221"}],"version-history":[{"count":27,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/11221\/revisions"}],"predecessor-version":[{"id":29557,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/11221\/revisions\/29557"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/media\/11232"}],"wp:attachment":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/media?parent=11221"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/categories?post=11221"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/tags?post=11221"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}