The general regulation data protection (GDPR) entered into force throughout the European Union on 25 May 2018 and aims to give EU citizens greater control over their personal data. In particular, it introduces potentially huge fines for organizations deemed not to have protected their clients' data. And while GDPR has been seen by many as a major boost to data protection, Snowden seems to underestimate it.
"The problem is not data protection, the problem is data collection," he said.
Snowden was talking through video link from Russia, where she now lives after leaking details of secret US government surveillance programs to reporters on 2013.
"Data protection regulation presupposes that data collection is primarily correct, appropriate and does not pose a threat or risk as they will never leak," he added.
Snowden said that while the GDPR was a "good first attempt", he now says that "it's not the solution because it's not the good Internet that we want".
One of the most important features of GDPR is that organizations can face a maximum penalty of 20 million or 4% of global turnover - whichever is the greater. While some major GDPR fines have already been imposed, Snowden said: "Until we see these fines being applied to internet leaders every year, until they reform their behavior and start to comply, we can be sure of nothing." he said.
However, for Snowden the biggest issue is that the collection of personal data through websites, applications and more has become a dominant business model for the Internet.