AFAICT those fines have not been for missing cookie banners. And if I were Mark Zuckerberg, I might think to myself, “the EU is going to shake us down for ‘privacy violations’ no matter what we do, so why should I bother making our user experience worse with annoying cookie banners?”
(Also, to some extent, FAANG-scale companies may get fined but serve as a shield for all smaller companies. If you were a Brussels bureaucrat with a focus on fining websites for privacy issues, and you could get hundreds of millions for targeting a FAANG [not that you get to keep any of that money or plausibly tell yourself that your work improved the world in any meaningful way, but hey whatever floats your boat], would you bother fining Joe Startup $100k for imperfect privacy practices in the app they’re running from their garage in San Bruno?)
The size of the fine depends on the number of privacy violations.
Brussels bureaucrats are not the only people who can bring lawsuits for GDPR violations. A startup that makes money through an app likely has European customers and thus there are assets that could be targeted.
In practice, both the Google Play Store and the Apple store have rules that enforce privacy. Especially, Apple is quite willing to tell Joe Startup that his app needs to follow the rules if it wants to be in their store.
AFAICT those fines have not been for missing cookie banners. And if I were Mark Zuckerberg, I might think to myself, “the EU is going to shake us down for ‘privacy violations’ no matter what we do, so why should I bother making our user experience worse with annoying cookie banners?”
(Also, to some extent, FAANG-scale companies may get fined but serve as a shield for all smaller companies. If you were a Brussels bureaucrat with a focus on fining websites for privacy issues, and you could get hundreds of millions for targeting a FAANG [not that you get to keep any of that money or plausibly tell yourself that your work improved the world in any meaningful way, but hey whatever floats your boat], would you bother fining Joe Startup $100k for imperfect privacy practices in the app they’re running from their garage in San Bruno?)
The size of the fine depends on the number of privacy violations.
Brussels bureaucrats are not the only people who can bring lawsuits for GDPR violations. A startup that makes money through an app likely has European customers and thus there are assets that could be targeted.
In practice, both the Google Play Store and the Apple store have rules that enforce privacy. Especially, Apple is quite willing to tell Joe Startup that his app needs to follow the rules if it wants to be in their store.
Small players could be fined to set precedents that can be used against larger players.