The very best authorized adviser to the Court docket of Justice of the European Union mentioned in a preliminary opinion that any EU nation can take authorized motion in opposition to firms equivalent to Fb over violations of information privateness guidelines—not simply the primary regulator in control of the corporate.

“The lead knowledge safety authority can’t be deemed as the only real enforcer of the GDPR in cross-border conditions, and should, in compliance with the related guidelines and cut-off dates offered for by the GDPR, intently cooperate with the opposite knowledge safety authorities involved,” the opinion said.