Data being leaked, stolen or monitored is not a new catastrophe for the world. Last year, we witnessed the Cambridge Analytica data scandal, in which millions of Facebook profiles were harvested for data and it is not the only case. Unfortunately, there are a quite a lot of scandals related to personal data. Then, the company in question comes forward and apologizes and changes the policies, give us a promise to be more transparent in future. Is it sufficient? What if any other company is victimized and data is compromised?
It is a vicious cycle. We always blame the companies handling the data for being irresponsible. Have you ever stopped and thought that whose data it is? Who should be more responsible for it? You might have not considered this up till now, aren’t we correct?
Fortunately, governments have started to take the matter in their hands. There have been regulations such as GDPR is formed, which seems to be right in terms of handling data.
In this post, we will talk about the ways how these laws and regulations provide us with protection and pushing companies to be more transparent.
Can’t Do Without Them
Throughout the Cambridge Analytica proceedings, Mark Zuckerberg was ordered to describe the similar social media platform which can be used instead of Facebook. Sadly, there is no other social media platform which has a wider network than Facebook.
Yes, there are other options such as Twitter but people need to post pictures and chat as well, so you can use Instagram, but again, it is Facebook’s.
Similarly, in the online shopping world, if someone asks can you live without Amazon, the answer would be no, as it is so convenient platform to buy stuff. There is always a dominating company in every industry, without which you can’t do without.
The question stays: how do they manage our personal data? There always be competitors in the industry to use but will the companies stop the usage of already collected data?
Handling Your Data with Government Intrusion
Well, US government has not passed laws on the national level, but the states have started acting on it. Soon, with time, companies will be forced to be transparent while collecting the data. Last year, June 2018, California enacted the stringent data protection law till date. As per the law, California Consumer Privacy Act, companies will need to inform consumers about what types of data they’re accumulating and provide consumers with an option to not let their data get sold.
So, now companies should have data which they sell to third parties in an easily available format, which a California resident could ask to access.
However, this law will not be in action till Jan 2020, which will provide companies a lot of time to prepare for it. Also, all the national companies which deal with California residents will have to follow the law.
Note: It is not a federal law, but it is a step in the correct direction.
Another similar law which came into effect was GDPR in May 2018. Under the law, any of the companies doing business with EU residents will fall under the law. That means plenty of US companies have to follow or else. The law is unprecedented with its ability to whoever handling your personal data.
Then again, is this sufficient?
Moving In Right Direction
Laws enacted last year, California rule and GDPR seems to be the right step. However, these only will not be able to stop debacles like Cambridge Analytica scandal.
Let’s take an example of Cambridge Analytica scandal and GDPR, as per the law, companies have to take permission before collecting data but in the case of Cambridge Analytica scandal, the permission was not required to get hands-on personal data of friends of people who downloaded harvesting tool. Would those people be secured by GDPR?
As per California proposed law, they are forcing companies to be transparent, but if any of them violated, there are no harsh consequences. Any unauthorized breach of personal information, then you can sue the company for up to $750. Of course, the state attorney general could impose additional fees, however, there is no fixed penalty defined as in GDPR.
And if there is a violation, how many of us would take the pain to take out time and file a lawsuit, when you already know you will only get USD 750 out of it. Therefore, to motivate or push the companies towards transparency when handling our personal data, there has to be stringent policy and penalty in case they infringe the law.
Also, these laws need to be generalized and accepted across the world, as it’s everyone’s data on a stake, not only California residents or EU residents’
Majority of companies are restricted to what type of data and amount of data, they are collecting. You can deny sharing your data with apps on Facebook. Regulations enacted are pushing the companies to be more transparent and provide more protection to users. So, it is becoming more consumer-centric.
It is important to monitor the real value of data continuously. It is merchandise for companies which deal in data and regulations and it could have a big effect on business models. The companies with futuristic views would definitely figure out the way to put users first and also continue to use data to generate revenue.
Also, the government creating more rules and regulations to guarantee users’ safety would be a helping hand. Also, users need to be very careful while giving away their personal data. As handling data is not one person or entity’s task, it is a collective work, which can be improved with regular feedback and open discussions. No doubt, it is going to take time, but with collective and continuous work, we could do much better.
What do you think? Please mention your thoughts in the comments section below.