You may have noticed that a lot of companies are updating their privacy policies. It’s not a coincidence. And these major corporations haven’t suddenly begun caring about the privacy of their users; in fact, many are still profiting from exploiting the information that they collect. These companies are updating their privacy policies to protect themselves.
The recent surge in privacy policy updates is due to the European Union’s General Data Protection Regulations becoming law on May 25th, 2018. Meaning, if these companies didn’t adhere to the new regulations by that time, they could face legal action.
Although the new regulations are specifically created for the privacy and data protection of people within the E.U., they also have jurisdiction over the export of personal data in other areas. For this reason, companies all around the world are updating their privacy policies in order to comply.
Despite the vast amount of updates in the last couple of weeks, the new regulations don’t come as a surprise. The General Data Protection Regulations have been known since 2016, but many companies delayed in adopting them because they upset their business model. If they really cared about your privacy, they would have implemented these changes years ago.
The General Data Protection Regulations challenge what has become a conventional business model for the technology sector: the commodification of personal data. The new regulations assert that the highest levels of privacy should be inherent to the systems and products we use, rather than an after thought.
The guiding principle on which these regulations are based is called Privacy by Design.
Instead of opting out of invasive data collection, users are asked to opt-in, and that consent is exclusive to a single category of use, even if personal data is anonymized. Should a company wish to use personal data for a different purpose—for example, commercial use instead of scientific—they would not be able to without consent for the user, which would be impossible if the data was effectively anonymized, which is all part of the new regulations.
Although many have attributed the recent uptick in privacy policy updates to the Facebook / Cambridge Analytica scandal, their optimism is unfortunately misplaced. Technology companies are not adopting these new measures for the protection of their users—although that may be an unintended, yet beneficial, side effect; they’re updating their privacy policies to protect themselves.
What do you think these new regulations mean for you, no matter where you’re located? No doubt, the privacy policies for many of the tools you use everyday have been rewritten, but will it have any impact on your daily life? Does it bring you any reassurance knowing that technologies companies are taking these E.U. laws seriously?
People said…