BRUSSELS: New EU data protection laws take effect on May 25 to protect users’ online information, in what Brussels touts as a global benchmark after the Facebook scandal.
The laws will cover large tech companies like Google, Twitter and Facebook that use personal data as an advertising goldmine, as well as firms like banks and also public bodies.
One major change is that consumers must explicitly grant permission for their data to be used, while they can also specifically ask for their personal information to be deleted.
Firms face huge fines of up to €20 million or four percent of annual global turnover for failing to comply with the EU’s General Data Protection Regulation (GDPR).
“It’s your data — take control,” the European Commission, the EU’s executive arm, urges the bloc’s 500 million citizens in guidelines for the new rules.
The case for the new rules has been boosted by the recent scandal over the harvesting of Facebook users’ data by Cambridge Analytica, a US-British political research firm, for the 2016 US presidential election.
Facebook chief Mark Zuckerberg told US lawmakers last month the firm plans to fall into line with the EU rules as it seeks to rebuild its reputation after the breach, which affected 87 million users.
The scandal has proved a godsend for the EU.
EU Justice Commissioner Vera Jourova said in an interview that the incident fueled “a campaign” for the new European law in a way that she could never have done.
She said the EU was setting a global benchmark for data protection as many Americans who once criticized Europe as too set on regulation now see the need for the GDPR.
The Facebook scandal showed “that we really are living in the kind of jungle where we are losing ourselves,” the Czech commissioner added.
But not everything has run smoothly.
At least eight of the 28 EU countries will not have updated their laws by May 25.
The lack of preparedness comes despite the fact that the new laws were officially adopted two years ago, with a grace period until now to adapt to the rules.
This “will create some legal uncertainty,” Jourova said, blaming countries for neglect rather than resistance to the law.
Facebook, WhatsApp, Instagram and Twitter have all started in the last few weeks to alter their terms of use, but the situation appears more complicated for small- and medium-sized firms.
In Germany, the chamber of commerce and industry expressed fears smaller companies may react defiantly to what they call “excessive red tape” under threat of fines.
The new EU law establishes consumers’ “right to know” who is processing their information and what it will be used for.
Individuals will be able to block the processing of their data for commercial reasons and even have data deleted under the “right to be forgotten.”
They will have to be warned when there is unauthorized access, with the law establishing the key principle that individuals must explicitly grant permission for their data to be used.
Parents will decide for children until they reach the age of consent, which member states will set anywhere between 13 and 16 years old.
In return, EU officials argue that digital firms will benefit from regulation that restores consumer confidence and replaces the patchwork of national laws.
European leaders have backed the new laws.
French President Emmanuel Macron said in a speech in Germany last week that he welcomed the “brave choice” of the new law, calling it a cornerstone in a new “digital sovereignty.”
EU data laws set to bite after Facebook scandal
EU data laws set to bite after Facebook scandal
- One major change is that consumers must explicitly grant permission for their data to be used
- Facebook, WhatsApp, Instagram and Twitter have all started in the last few weeks to alter their terms of use
Disinformation the new enemy in disaster zones, says Red Cross
- “Harmful information and dehumanizing narratives” undermines humanitarian aid and putting lives of aid workers at risk
- Between 2020 and 2024, disasters affected nearly 700 million people, displaced over 105 million, and killed more than 270,000 — doubling the number in need of humanitarian aid
GENEVA: The rise of disinformation is undermining humanitarian aid and putting lives at risk, while disasters are affecting ever more people, the Red Cross warned Thursday.
“Between 2020 and 2024, disasters affected nearly 700 million people, caused more than 105 million displacements, and claimed over 270,000 lives,” the International Federation of Red Cross and Red Crescent Societies said.
The number of people needing humanitarian assistance more than doubled in the same timeframe, the IFRC said in its World Disasters Report 2026.
But the world’s largest humanitarian network said that “harmful information and dehumanizing narratives” were increasingly undermining trust, putting the lives of aid workers at risk.
“In polarized and politically-charged contexts, humanitarian principles such as neutrality and impartiality are increasingly misunderstood, misrepresented or deliberately attacked online,” it said.
The IFRC has more than 17 million volunteers across more than 191 countries.
“In every crisis I have witnessed, information is as essential as food, water and shelter,” said the Geneva-based federation’s secretary general Jagan Chapagain.
“But when information is false, misleading or deliberately manipulated, it can deepen fear, obstruct humanitarian access and cost lives.”
He said harmful information was not a new phenomenon, but it was now moving “with unprecedented speed and reach.”
Chapagain said digital platforms were proving “fertile ground for lies.”
The IFRC report said the challenge nowadays was no longer about the availability of information but its reliability, noting that the production and spread of disinformation was easily amplified by artificial intelligence.
- ‘Life and death’ -
The report cited numerous recent examples of harmful information hampering crisis response.
During the 2024 floods in Valencia, false narratives online accused the Spanish Red Cross of diverting aid to migrants, which in turn fueled “xenophobic attacks on volunteers,” the IFRC said.
In South Sudan, rumors that humanitarian agencies were distributing poisoned food “caused people to avoid life-saving aid” and led to threats against Red Cross staff.
In Lebanon, false claims that volunteers were spreading Covid-19, favoring certain groups with aid and providing unsafe cholera vaccines eroded trust and endangered vulnerable communities, the IFRC said.
And in Bangladesh, during political unrest, volunteers faced “widespread accusations of inaction and political alignment,” leading to harassment and reputational damage, it added.
Similar events were registered by the IFRC in Sudan, Myanmar, Peru, the United States, New Zealand, Canada, Kenya and Bulgaria.
The report underlined that around 94 percent of disasters were handled by national authorities and local communities, without international interventions.
“However, while volunteers, local leaders and community media are often the most trusted messengers, they operate in increasingly hostile and polarized information environments,” the IFRC said.
The federation called on governments, tech firms, humanitarian agencies and local actors to recognize that reliable information “is a matter of life and death.”
“Without trust, people are less likely to prepare, seek help or follow life-saving guidance; with it, communities act together, absorb shocks and recover more effectively,” said Chapagain.
The organization urged technology platforms to prioritize authoritative information from trusted sources in crisis contexts, and transparently moderate harmful content.
And it said humanitarian agencies needed to make preparing to deal with disinformation “a core function” of their operations, with trained teams and analytics.
