Photo Credit: pexels
It’s staggering how much data the biggest social media companies have about you. They know where you live, what type of education you have, who you like to converse with, where you go, your age, your interests, and your preferences. On just about any website you visit these days (not just social media sites), unobtrusive data-gathering tools go to work in the background, collecting information about every click you make.
Why aren’t more people fighting back to protect personal privacy?
One answer, quite simply, has to do with the way our minds think about data. According to one Dartmouth digital technology sociologist (yes, there’s such a thing these days!), our brains assess greater importance to things we can touch and feel, and less to abstract notions like “data.” Thus, while it’s very easy for your brain to tell you that your new 4K television is worth upwards of $1,000 – it has a much harder time attaching a specific monetary value to data about, say, your Tinder dating habits.
As a result, we are often willing to give away our personal information and not think twice about it until it’s hacked. But even when it’s been hacked, what are really our options? Over 145 million people had their personal financial information hacked as a result of the Equifax data breach, but what steps have most people taken as a response? In the meantime, hackers in some third-world country might be using your data to create all kinds of havoc.
Europe fights back against the loss of personal privacy
This vulnerability is one reason why the European Union has taken the lead in protecting consumer privacy. In early 2018, the EU unleashed a huge, omnibus General Data Protection Regulation (GDPR), which is intended to restore some of the privacy rights of European citizens. The regulation is so controversial precisely because it levies huge fines and penalties on companies that fail to comply with it.
What’s alarming for many companies (especially the ones that love to gobble up your data), is that “consent” is no longer going to be enough as a legal defense. In other words, just asking consumers to check a box every time they use your service saying they agree to all the terms and conditions is not enough.
Right now, companies use “consent” as the equivalent of a get-out-of-jail-free card. If something happens to your data now, they can just claim that you gave them your consent, and that they’re not liable. (It’s like signing one of those silly release forms when you go on a risky amusement park ride, stating that you can’t hold them liable if something goes wrong) But the GDPR changes the game – it appears to say that “consent” is necessary but no longer sufficient.
Without going all law school professor on you here, it means that the rules of the game could be changing for social media companies. That’s because many experts now predict that other nations – not just those in Europe – will begin to enact their own version of the GDPR. Moreover, the GDPR applies not just to European companies, but also to any company that does business with European citizens. That would include the likes of Facebook, Twitter and Google.
Clearly, we’ve reached a point where people are starting to wake up to the fact that their data has value, and that greater steps have to be taken to protect that data. While it might be scary to admit that new government regulation will actually help and not hurt, the fact remains that something needs to be done to protect personal privacy on social media.