Navigating the maze of digital-privacy fine print
GDPR is a welcome change in Europe, but it won’t stop companies trying to tricking us into volunteering our data, writes Shaun Prescott.
If you’ve ever ordered something from Europe, or signed up for an account with a European website, chances are you received (or have been bombarded by) emails concerning the new General Data Protection Regulation. This is a sweeping set of reforms to how companies and organisations deal with the personal data of its users. In other words, it “regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.” Whether you regularly shop with an EU-based outlet, or whether you bought a sole packet of fancy doilees from a German outlet in 2009, you probably got an email.
Naturally, the introduction of the GDPR doesn’t have everyone satisfied that privacy measures will be undertaken seriously, especially by the likes of Facebook, Google and Microsoft. According to a report in The Register last month, a handful of consumer privacy groups have approached the European Data Protection Board, requesting that it place further scrutiny on the tech giants. Whether the companies are technically abiding the GDPR isn’t really in question; rather are these companies using underhanded tactics in order to make users inadvertently volunteer their personal information?
The five consumer watchdogs included Consumers International, Privacy International, BEUC, Norwegian Consumer Council and ANEC. You’ve probably not heard of these, but it doesn’t really matter: what matters is they penned a joint letter to the GDPR with a fairly strong accusation. In the letter’s words, “companies employed numerous tricks and tactics to nudge or push consumers toward giving consent to sharing as much data for as many purposes as possible.”
It continues: “These include privacy-intrusive default settings, giving users an illusion of control, dark patterns such as hiding away privacy-friendly choices, and take-it-or-leave-it choices.”
The report this letter alludes to, published by the Norwegian Consumer Council and entitled ‘Deceived by Design’, has the overall conclusion that regulations that enforce certain freedoms to consumers can’t really pick apart the underhanded ways companies can trick you into volunteering your data. And they’re right: few weeks pass without an article published online demonstrating the labyrinthine obstacles one must overcome in order to stop Google gathering information the user didn’t even know was being gathered.
One could make the argument that its the user’s responsibility to make sure their privacy settings are optimised. But in this day and age, at a time when the likes of Google and Facebook are less “service providers” and more “baked into virtually every part of our daily life”, it’s essential that more transparency be enforced.
For most people in the 21st century, it’s simply not an option to opt-out of using these services. They’ve indelibly changed our reality.