Receiving emails and letters from organisation asking you to update your permissions and preferences? Frequently seeing personal data and GDPR but not quite understanding what they mean? Well, I’ll break it down for you by answering the key questions.
You’re on Google and access your Gmail. You then go on YouTube, watch videos and like and comment on some. You proceed to use chrome to browse through some other websites. How much personal data have you given away just by doing that?
Firstly, in Gmail, Google knows your contact list. Then, as Google owns YouTube, Google also knows what videos you’ve been watching, and, which ones you like out of the ones you’ve seen. In Chrome, also owned by Google, Google knows what websites you visit. But, so what? I mean, what exactly will they do with this?
Well, this data is used, for example, to generate relevant recommendations or advertisements (so those creepy adverts that seem to show the product you were literally just looking at online hopefully feel less creepy). Also, data may also be used to develop artificial intelligence where data is used to learn from past activities to make new decisions. Data may also be used to help companies grow and develop.
But, at what point did we agree to all this? We were just innocently using services and agreeing to terms and conditions that no one has ever read in full because they are too long and hard to read AND NOW various organisations have online profiles of us!
What is personal data?
Personal data is information that identifies a person directly or indirectly. So, even if there is not a name attached, it may still be classified as personal data; data about gender, age and salary could be used to identify and individual within a company, without even knowing their name (now that’s what I call pro stalking.)
How is it collected, shared & used?
Personal data is collected, shared and used every day. When we shop in-store or online and use social media, details about our credit card, how much we spent, what photos we liked, what our phone number is, where we have been, have all been collected.
Organisations use this data to provide a more efficient service by using the personal data collected to better understand their customers or users. They may even share personal data with third parties in order to gain insights on how to develop their service.
For example, a shop may use the data to help create new products whereas a social media company may use the data to connect users to relevant friends, posts or products. However, personal data can be used beneficially for all, for example, in medical research to help create cures for a disease, or, within governments to keep the country safe from suspected criminals.
Who does it belong to?
Data does not belong to one person, much like DNA – it not only includes information about ourselves, but also reveals information about our relatives. Further examples include utility bills (they reveal who we live with) and health records (they reveal information about medical professionals)
Personal data should not be viewed as a product to be exchanged or sold. Unlike selling a house, the way personal data is being used will always matter to you as it is about you. You need to always have rights about what is done with that data.
Who controls my data?
Decisions on how data is used and shared are either made by one person using a service (shop check out), by people affected by the data (social media comments/conversations), or government (your personal data might influence consultations and campaigns, and, it is collected in censuses to build a picture on the population). However, you can control how much of your personal data is shared especially as GDPR has rolled in.
How can I control it?
On online platforms, there are privacy controls where you can alter settings to manage how data is used and shared for your account. In addition, you are able to ask an organisation to provide details on what personal data they have stored about you. You have the right to receive a copy of this data and reasons why they collect it as well as who gets to see it. You must get a response within 30 days of requesting this data. And this is all possible because of GDPR!
What is the right to be forgotten?
You can request to get you personal data to be deleted if it is no longer relevant. The organisation contacted is obliged to inform others that they want their data deleted, so copies of it must also be deleted.
Furthermore, GDPR allows users to request for social media companies to delete any post they made as a child and develops personal data to include IP addresses, internet cookies and DNA.
What does GDPR stand for?
General Data Protection Regulation
What is GDPR?
It will give people more control on their personal data where organisations use it. Organisations which depend on a person’s consent to collect their data will now have tougher restrictions where by the user must actively consent. Organisations must use language that is easy to understand and let users know that they can stop providing consent at any time. Also, users must be allowed to request information about how an organisation may be using their data, what data they are collecting and why they are collecting it.
Why does it matter?
Prior to GDPR, there was the Data Protection Act 1998, and, since then, how data is used has changed a lot. Now, immense amounts of data is created, stored, shared and used in our everyday lives. The GDPR was a much needed update.
Who does it apply to?
It applies to all data controllers which provide direction on how and why personal data is processed. This is basically anyone offering services in the EU.
When does it apply?
25 May 2018
Why should I care about my data?
Data is the new oil. Fuel the future by making the decisions on how much personal data you want to share.
Stay updated for the next post by following the official Instagram @bitnibblebyteblog
Ada Knowe 🙂