George Soros - the billionaire hedge fund investor turned philanthropist has laid into Facebook and Google, but says that EU wide regulations are at least holding the companies in check. Under GDPR rules, Facebook could theoretically be fined $1billion, Google even more. But would regulators dare?

Speaking at the World Economic Forum at Davos, George Soros said that Facebook and Alphabet subsidiary Google, “deliberately engineer addiction to the services they provide.” He added: "This can be very harmful, particularly for adolescents. There is a similarity between internet platforms and gambling companies. Casinos have developed techniques to hook gamblers to the point where they gamble away all their money, even money they don't have."

Soros continued: “Social-media companies are inducing people to give up their autonomy. The power to shape people's attention is increasingly concentrated in the hands of a few companies threatening the concept of ‘the freedom of mind.’”

Turning to the subject of data, he said: “They exploit the data they control, bundle the services they offer, and use discriminatory pricing to keep for themselves more of the benefits that otherwise they would have to share with consumers.”

And yet, within Europe he was more hopeful. He said: “The European Union is better situated because it doesn't have any platform giants of its own,” and “Europe has much stronger privacy and data-protection laws than America.”

He continued, “Commissioner Vestager (European Commissioner for Competition) is the champion of the European approach. It took the EU seven years to build a case against Google, but as a result of her success, the process has been greatly accelerated. Due to her proselytizing, the European approach has begun to affect attitudes in the United States as well.”

But this begs the question, will GDPR - General Data Protection Regulation - really clip Google and Facebook’s wings?

GDPR relates to individual’s personal data, if the data is anonymous, and cannot be ascribed to individuals, it may fall within permissible uses within GDPR. But, in the age of AI analysing data across data streams, it can be pinpointed with unnerving accuracy.

In 2009, the Electronic Frontier Foundation (EFF) said that new changes “are clearly intended to push Facebook users to publicly share even more information than before. Even worse, the changes will actually reduce the amount of control that users have over some of their personal data.”

In short, Facebook has form.

But recently, Facebook COO Sheryl Sandberg said that the company is “rolling out a new privacy center globally that will put the core privacy settings for Facebook in one place and make it much easier for people to manage their data.”

Last year the company said that it had put together “the largest cross functional team” to support General Data Protection Regulation compliance.

And yet, if George Soros is right, at core, social media companies apply data in a way that is surely contrary to the spirit of GDPR.

The regulation that is coming into force on May 25th, could entail fines of up to four per cent of a company’s turnover. For Facebook, this could be a billion dollars plus, for Alphabet, fines could be four times more than that, and for that matter, Alphabet has already been fined more than that by the EU over anti-trust issues.

GDPR rules means customers must freely give permission for their data to be used by a company. This means that they cannot be coerced to give permission or give permission in exchange for receiving a service. Presumably, they cannot be manipulated to give permission either, the very thing George Soros says social media companies are doing.

But would regulators really dare fine Facebook a billion dollars? They have proven themselves willing to fine US techs in the past, but if they did, GDPR would certainly start making the headlines, but then that is something that regulators do want. They just need an excuse.

GDPR Summit Series is a global series of GDPR events which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at http://www.gdprsummit.london/