More than 4 years after the GDPR was adopted, and nearly 2 years after it became fully enforceable on 25 May 2018, @DPCIreland, the EU authority responsible for enforcing the GDPR against most of big tech, announced its first two 'draft' decisions: https://www.cnet.com/news/twitter-and-whatsapp-in-firing-line-as-ireland-submits-first-draft-gdpr-decisions
Twitter, WhatsApp in firing line as Ireland submits first draft GDPR decisions

Big tech could be about to receive big fines and other sanctions if they're found to have flouted Europe's privacy law.

https://www.cnet.com/news/twitter-and-whatsapp-in-firing-line-as-ireland-submits-first-draft-gdpr-decisions
Better late than never, and both cases are interesting. But both don't go to the heart of today's surveillance business models, and many complaints and potential GDPR violations still remain unaddressed.
Pragmatically, under the given circumstances, the delay is perhaps unavoidable. EU data protection authorities are dramatically under-resourced, and they cannot take the risk of year-long appeal procedures against multi-billion dollar companies.

Practically, it's a disaster.
The tech industry has greatly benefited from non-enforcement, and still does. Violating people's rights and freedoms is not even a 'cost of doing business'.

Here's what I told TechCrunch in January about the state+implications of GDPR non-enforcement:
https://techcrunch.com/2020/01/17/privacy-experts-slam-uks-disastrous-failure-to-tackle-unlawful-adtech/
The GDPR is a compromise. But I still think, it's by far the best of all insufficient approaches to safeguarding rights in the age of pervasive data exploitation globally.

And although under-resourced, many EU data protection authorities do a great job in very different areas.
But enforcement in major (and very relevant+visible) areas from #bigtech to #adtech is a total fail.

The EU and member states should have invested massive resources already from 2016 on, in order to be able to act both forcefully and robustly after 2018.

They must do so now.
To emphasize this once more, many EU dp authorities do impressive work at the local level. I recommend e.g. reading some annual reports of German state DPAs, they're arbitrating personal data processing in SO many areas of society, very worthy.

Yet, this is all doomed if not...
See also this thread, including official info by @DPCIreland: https://twitter.com/FantaAlexx/status/1264138777762705408
You can follow @WolfieChristl.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more