Com­ing to terms with new cy­ber­law

China Daily European Weekly - - COMMENT - Har­vey Mor­ris

Chi­nese busi­nesses must square their poli­cies with EU’s lat­est, and some­times vague, reg­u­la­tions

Has your in­box just been del­uged with emails from or­ga­ni­za­tions you can barely re­call, des­per­ately beg­ging you to stay in touch? Join the club. The cy­ber­storm was all to do with the com­ing into force on March 25 of the Euro­pean Union’s Gen­eral Data Pro­tec­tion Reg­u­la­tion, which is in­tended to re­in­force online pri­vacy.

The law con­tains 99 ar­ti­cles and is thou­sands of words long. So it is a fair bet that, just like the pri­vacy terms we all have to tick off when we sign up to an online ser­vice, al­most no one has ac­tu­ally read it.

Lawyers are among the few who might ac­tu­ally see a ben­e­fit from the un­cer­tain­ties raised by the new reg­u­la­tions. They have been trawl­ing through the fine print to de­ter­mine, for ex­am­ple, how far Europe’s GDPR dif­fers from China’s 2017 Cy­ber­se­cu­rity Law and, if so, what that means for online ser­vice providers and re­tail­ers.

In a nut­shell, the new EU pri­vacy regime re­quires com­pa­nies and or­ga­ni­za­tions to ask ex­plic­itly if they may col­lect your data and also al­low you to delete any in­for­ma­tion they col­lect on you.

The trou­ble is that the new terms are even longer than the old ones, which no one both­ered to read any­way.

A decade ago — about a cen­tury in cy­ber­time — a US study con­cluded that “pri­vacy poli­cies are hard to read … and do not sup­port ra­tio­nal de­ci­sion mak­ing”. The au­thors found it would take the av­er­age user around 40 min­utes a day just to keep up with pri­vacy poli­cies.

The Euro­pean GDPR pulls to­gether a bunch of pri­vacy reg­u­la­tions that had sprouted along­side the growth of in­ter­net use.

The new rules were spelled out two years ago. By co­in­ci­dence, how­ever, they have come into force at a time when a se­ries of scan­dals have ex­posed the ex­tent to which big online com­pa­nies mine data from users to make their huge prof­its.

That, in turn, has been linked to ac­cu­sa­tions that data has also been ex­ploited to ma­nip­u­late the out­come of elec­tions in the West, from the US vote for Don­ald Trump to the Brexit vote in Bri­tain.

Face­book CEO Mark Zucker­berg had to spend an un­com­fort­able few hours be­ing grilled by the US Congress on al­leged mis­use of data, while in the UK an ad­vo­cacy group said it planned to sue Google for $4.3 bil­lion for un­de­clared data gath­er­ing.

So­cial me­dia users who for years had been post­ing noth­ing more dam­ag­ing than cat photos online were sud­denly hor­ri­fied at the idea that Big Brother was watch­ing them. Some de­cided to can­cel their ac­counts in a vain at­tempt to scrub their online iden­ti­ties.

Rather than em­brac­ing the pro­tec­tions of­fered by the GDPR, the anec­do­tal ev­i­dence is

Newspapers in English

Newspapers from China

© PressReader. All rights reserved.