Anonymity on the Internet is inconvenient and virtually impossible for a modern user. We already know this. And what about privacy? This topic is more complicated. It is more difficult for an user to find and understand where his personal data can go and how it can be used in the future. However, the European legislators do not give up. Europeans hope that the situation will become more transparent and predictable for them starting from this spring.
What will be changed in EU?
The law "General rules of data protection" will begin to operate in the European Union starting from 25th of May, 2018. This law will provide protection for users: now every European citizen will know for sure how his personal data is collected and stored. In addition, each company will have to provide information why it collects information about the user's name, his home and IP addresses. It will also affect the trackers of mobile applications. Also, Europeans are entitled to change their data and the right to restrict, that means they can choose what information they want to share.
Although the law protects users in the territory of 28 EU member states, this does not mean that a company that is registered in America or India will step down from responsibility. The law will apply to online publications, banks, universities, companies that track data on the use of websites and applications.
Now, if you live in the EU and want to delete your photo from the social network, the social network will contact the search engines to remove the photo too.
The law has not yet entered into force, but the smartest corporations are already changing their privacy policy. After all, this European initiative will most likely establish new rules for data protection around the world within the next 10 years. This is the opinion of Sheila Kolkais, chief information officer of Acxiom, for example. Acxiom is a data broker that provides information on more than 700 million people based on the history of purchases, registration of vehicles and other sources.
Who is happy about it?
Most of all many users would like to receive a guaranteed "right to oblivion", which is in other words the opportunity to permanently remove their own images or personal data from the Internet. And since May all EU citizens will have such an opportunity.
Private data protection activists are going to use the law as a weapon to combat the corporate data collection system. The law is a chance to completely change the economy of the industry. From the very beginning, the companies were financially interested in data collection and their monetization. Now EU consumers will have freedom of choice. This emphasis on consent makes the data monetization a financial reward not for owning these data, but for creating consumer confidence.
According to David Carroll, professor of media design at The New School, the law provides a realistic chance to re-examine the interaction terms between personal information and companies, instead of using the data of users unthinkingly.
Carroll believes that the data collected by the activists can form the basis for new investigations and ways to hold companies accountable.
The need for transparency and accountability is higher than ever. Because the data that an user agrees to share can be used not only to offer him a new pair of shoes, but also for radical manipulation.
Privacy advocates expect the opportunity to change the data. Activists fought for a long time for this right.The Austrian citizen Max Schrems sued Facebook for violation of privacy in 2013. Shrems believes that US programs for users surveillance are contrary to European laws that protect privacy. Responding to this case the court canceled the agreement on the Safe Harbor data exchange between the US and Europe. Getting data from Facebook archives has become much easier, and the face recognition system has been limited to users from Europe. Max Schrems again appealed to the court in 2014, saying that Facebook is cooperating with the US National Security Agency. In November, the activist launched the non-profit company None of Your Business, which will use the new law to compete with such high-tech giants as Facebook, Google & Co and their highly qualified lawyers and IT specialists on an equal footing.
Paul-Olivier Dehaye, mathematician and co-founder of PersonalData.IO, used the data protection law in the UK to help people access personal information processed by Cambridge Analytica. He revealed violations against more than 50 million Facebook users. Dihey assumes that the new law will help to identify even more violations.
Is someone not happy?
The impact of the law will depend on how aggressively users apply their new rights. Therefore, this law also causes skeptics. After all, people are used to search on the Internet for entertainment, favor, answers to their questions which is the most useful content.
Everyone guessed anyway that free content is not completely free of charge but is somehow connected with advertising. Many tried not to think about data protection. And what if the personal information of Europeans will now be protected will they be able to enjoy the same level of content, all what was previously accessible, interesting and enjoyable on the Internet?
Fatima Hatlibu, chief analyst for Forrester, the company dealing with market research, believes that consumers understand the value of sharing their data for advertising and getting free content in exchange. So, most likely, they will give a voluntary consent to the use of personal information.
A lot will depend on the exact form of processing and storing data requests.
PageFair is the company regulating the relationship between publishers and ad blockers. Six months ago it conducted a survey, which provided users with a choice to track. For example, an user can "agree with all trackings" or "reject all trackings, unless it is strictly necessary for the requested services." Only 5% of the 300 respondents agreed to all tracings.
Drawbridge company does not understand how to ensure consumers' consent to display ads. Meanwhile, the Drawbridge business is built precisely on advertising technologies and tracking users on different devices. Representatives of the company have already said that they will significantly reduce the share of their business in the EU after the new law comes into force.
What about Google and Facebook?
The law has already contributed to some changes in data collection and processing procedures of such giants as Google and Facebook.
Google announced in June last year that Gmail would stop processing emails for targeted advertising. Then for the first time since 2009 Google updated its personal privacy panel for more convenient use in September. Also Google said they are committed to comply with the law on "General Data Protection Rules" for all search engine services, Gmail and other advertising research.
Facebook announced a new privacy panel in January 2018 but it is still not launched yet. Rob Sherman, Facebook Deputy Chief of Public Relations promised to the publisher of the information portal WIRED: "Every Facebook user will see the results of privacy improvements. In addition to the law on "General Data Protection Rules," we study other areas to see how we can give people more control and better explain how their personal data is used."
"General rules for data protection" standardize the rights of users in all EU countries. Violators of this law will face fines of up to 4% of annual income. For Facebook, it will be $ 1.6 billion, for Google $ 4.4 billion.
However there are potential loopholes in the legislation that allow you to process personal data without the user's consent. This relies to "legal business interests", which include the use of e-mail for online advertising.