New EU Data Protection Regulations - EMBRACE or SEND TO TRASH BIN? RULES for ALL or BIG BROTHER?

edje (69) in privacy • 7 years ago (edited)

Many companies collect data from us, such as date of birth and residential data. Also, websites store our purchases and/or or your preferences. Those companies can store that data, share it with others, and use them for offers.

As of May 25th 2018, the rules become much stricter. From then on, the General Data Protection Regulation (GDPR) will be effective. This applies throughout the EU. If companies fail to comply, they may face penalties.

Large Impact

The new rules involve far more than 'adjusting the privacy policy on the website'. All kinds of technical measures must be taken, such as adapting IT systems and security.

Companies must, according to the new rules, accurately chart what they do with data, and citizens get more rights. For example, companies are obliged to inform individuals better and more easily and to request separate permission for using their customers data. Also, companies are required to report to the authorities within 72 hours after a data leak. Ultimately, all these measurements must lead to greater control over the huge data economy in which companies like Google, Facebook and Amazon have enormous amounts of power.

Summary of the New Rules

The obligation to register all processing activities of personal data;
The obligation to draft internal privacy policy;
The execution of the Privacy Impact Assessments (PIAs) for risky processing of personal data;
To implement the new rights of the parties concerned: the right to limit processing of personal data and the right to portability of data;
More detailed obligations regarding data processing agreements;
The implementation of privacy by design and privacy by default as part of the already existing obligation to data minimisation;
An extension of the category of special personal data: genetic data and biometric data - the processing of these personal data is subject to stricter rules;
An increased of limits of fines (EUR 20 million or - for companies - 4% of the total worldwide annual turnover in the previous financial year)
An extension of the already mandatory data sheets for all European Member States;
In certain cases, it is mandatory to appoint a Data Protection Officer.

A whole lot of work to implement. For big companies manageable, but how about the small companies, those with a few employees? Small retail shops, small consultancy companies. In the Netherlands we have more than 700.000 single person companies, freelancers in a total of about 6,5M citizens eligible for work.

Considerations

Though many of the EU rulings are already applicable in the Netherlands for some time, no real big negative events happened. But since we are just at the start of digital crime, the future may look differently.

I support the rulings in general, since the individuals MUST be certain their data is protected and not abused and to me it is unthinkable to have no ruling for those who store and manages 3rd party individuals data and leave all the responsibilities with the individuals to identify which parties they can trust with their data and which not.

However, these type of ruling will make it much harder for small companies to manage their risks. Also, with this type of rulings we getting further into centralised control, rather than the road to lesser centralised control and more local community type of agreements.

I would love to learn from you your opinion on this matter. If you agree with more strict rulings to protect the individual in the matter of 3rd parties using individuals private information? To protect society from the big companies to become even more powerful because they simply have the resources to know everything about their users and customers? Your idea of the balance between Rules for All versus Private Big Brothers. Do you think blockchain based services can help providing better and more affordable solutions?

sources [1][2]

image sources [1][2][3]

NJOY

follow me @edje

privacy law anarchy news politics

7 years ago by edje (69)

$1.55

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!

Sort Order:

Trending

[-]

richhersey (52) · 7 years ago (edited)

I think consumers should have more protections and control of their data, however, the Libertarian side of says this is no good.

As you pointed out, the larger companies can implement these requirements fairly easily. A smaller company, or a startup, will have increased overhead as they try to install these measures. As is often the case, the larger companies will rally for the "improved law", knowing that what the law really does is provide them protection from competition.

The market has already responded to this consumer demand. There is no need to use government force! Here in the USA, take a look at Steemit, SocialMediaFreedom.com, Gab.io, or Freespeechx.com. Corporations can't buy the user's data there.

Ultimately, we as individuals need to be responsible for ourselves. Don't like having your data being sold to corporations? Don't use Facebook, Google, or Twitter. How often we give up our freedom for security!

BTW, thank you for sharing this on the Libertarian Chat Channel.

$0.07

4 votes

[-]

edje (69) · 7 years ago

Selling is one thing, and I'm the least worried about that, since I even trust the big companies more on more or less anonymous selling of data (when they sell) rather than the small companies who will do whatever when they have to. My issues with not having rules on data protection is that any company will not invest in security, resulting all data to be available to the 'public' at some point in time. You know the book 'The Circle' by Dave Eggers? A Google like company who push the 100% transparency model into the world for everybody! Well, I can tell you, I do not want to live in a world like that at all. I want my data to be protected from anybody else. I dont want anybody to be able to know me from inside out just based on all data that will be out in the field, more or less not protected. Therefore I actually think the rules shall even be more strict. I actually do not think SMEs will have less customers, since customers dont think how save there data is when regulations are in place since they feel protected by the rules. The inly thing is that SMEs will have higher risks when they do not invest in their data security systems and when a consumer want to do wrong, they can more easily bankrupt a SME. But hen again, we have the EU rules in NL already for some time and their is no single company in problems because of these rulings (of course the future may be different when hackers are getting even more active, but then again hackers concentrate mainly on large companies because the value of their database content is so much higher then of small companies).

$0.00

[-]

newus2017 (41) · 7 years ago

I absolutely agree. This is a huge step in protection, if the United states would adapt such a rule and have similar regulations I think I would feel much safer browsing the web.

$0.00

1 vote

[-]

edje (69) · 7 years ago

Thank you for your feedback. I agree with you, anywhere in the world such law shall apply. I would love to see an organisation like UN taking these type of things onboard. Or maybe we need some other world organisation to cover these type of very important topics to create general worldwide ruling.

$0.00

[-]

markush (62) · 7 years ago

This is contradicting for what I have heard. I heard it's now much easier for secret services to "wiretap" your computer. But that's maybe a different topic.

Companies must, according to the new rules, accurately chart what they do with data

When there is money there is power, and where is power there will be abuse.
Not to mention, there always people who gonna make mistakes. It happens all the time. Personal data literally end up on the streets.

Interesting post @edje

$0.00

1 vote

[-]

edje (69) · 7 years ago (edited)

The wiretap is indeed a different topic. This law is about protection of individuals data by anybody who an individual gives his data to (webshops, webservices, retailers etc etc etc) and their obligations to make sure hackers are not just stealing the information for their purposes.

Personal data literally end up on the streets.

When we would have no rulings at all, we will see many 3rd parties not even taking the most simple security mechanism to protect your private data, ie what you bought, what you like etc etc. With the enormous amount of activities in behavioural analyses with findings like: someone who loves the colour red is likely to purchase a house with a garden (made this one up, but these type of conclusions can be drawn by thorough big data analyses); it is the question if we want to have the transparency of our own individual with the world. And what about your medical data? Do like the rest of the world to know when you visit a doctor, what they discovered etc etc? People here at Steemit do not want to provide their ID since they want to be anonymous. When all our data is public, we will never be anonymous since data analyses will be able to find out who we are, where we live, etc etc etc

$0.05

1 vote

[-]

teks (57) · 7 years ago

The small Spanish entrepreneurs among whom I find ourselves have been using data protection companies for two years. These are responsible for the security and destruction of customer data. Also within the telecommunications sector, the multinationals we work for have for two years forced us to use those same data protection companies causing annual surcharges to many small businesses already suffocated by the tax burden.
So this new European law comes to place even more responsibilities on the use of our customers' data. So while small businesses have to add to their annual spending even more money to prevent the possible millionaire fines that we can face from now on. While the multinationals handle the data with impunity. Remember that multinationals have large law firms to defend themselves against possible lawsuits while small business owners will face demands that could lead to the closure of many of these companies.

$0.00

1 vote

[-]

edje (69) · 7 years ago (edited)

You describe exactly my point indeed, the smaller companies not able to afford the cost to reduce their risks. They could take the risk, not to invest and hope they never get hacked. For many SMEs that will be the case actually, for some time to come for sure. On the other hand, when we would not have regulations, all our information will be on the street in whatever shape and form and anybody will be able to understand us from inside out based on all the information we leave behind at 3rd parties in the digital economy we live in. In the end we will be 100% transparent to the world, even to the level that the world will know how many times a day we go to the toilet. Large companies will stick to the rules, because they have a lot to loose, so ruling like the new one in the EU will for instance allow complete removal of accounts and all data since that is a demand. It also forces big companies to allow to export our data to another company service, so that locked in model large companies adopt are broken open increasing the change of competition, or at least give the consumer the freedom to move to some other service.

This topic I find very difficult, since I do fully understand where you coming from. But I also have a very little company and I do not implement everything that is required to de-risk to exceptable levels. But I surely do much more than a lot of really small companies do, since many of them buy eg a NAS and never change the pwd and have all files on the system. Or leave their laptop or PC out on the street when it becomes obsolete without wiping the HDD. We have so many cases in NL just like that private information get into the public. This topic requires huge attention, maybe a grid of secure infrastructure need to be created that is in the hands of the mass instead of by companies. Maybe such shall be demanded to range per community, whatever the community is, and companies shall not be allowed anymore to create and maintain such network. This maybe is where blockchains come into play, but am not technical enough to understand if blockchains can indeed help solve the issue we have to deal with.

$0.00

[-]

teks (57) · 7 years ago

I think I share the idea of how the business fabric should be. It seems that we have much work to do when the global trend is precisely the opposite. Every day the multinationals are bigger and more sectors are grabbed. But of course the objective to fulfill would be the one you raise.
Although I have no idea how we could get it if I'm honest.

$0.00

1 vote

[-]

edje (69) · 7 years ago

It starts with awareness. The rest is also quite unclear to me. I see a lot of new startup companies in NL, with the aim not to grow big, with the aim not to have traditional management layers. But yeh, those aims may be turned into something else when the big money comes in; How strong can these entrepreneurs be when that happens, stick to their initial believes are turn in to greedy monsters. I think blockchain based offerings can also revolutionise the world, but it'll not go that quick as some believe and even the fact in the space of crypto many free thinkers are active, greed is also seen, the wish to become big. We for sure need a cultural chance, and that does not happen overnight, that happens with new generations, so I guess we need to focus on awareness and eduction of the kids in school. Next to that big lobby at government levels, with the right messages, eduction, and force, ie we need to work together to make that happen, to became a relevant communication channel for the politicians to counter the big lobby of the large corporates. I realise politicians are generally blind for technology developments and the potential it has, like they dont have any idea what Robotics will do to our societies when AI get closer to singularity. F*ck hey, they don't even know what service companies like Uber, AirBnB and the likes can do, and under pressure of lobby of the traditional companies, making laws to prevent the new offerings, but at the same time saying that they cannot forever deny the fact that we become more and more prosumers instead of producers and consumer model we had for such a long time. Anyway, awareness, eduction is what needs to be done on all levels, politicians, business owners, the mass, children, adults etc.

$0.00

[-]

teks (57) · 7 years ago

The education of the new generations is a focal point to change the current trend. I am fortunate to have a group of friends, including professors, engineers, chemists, physicists, doctors, lawyers and on the occasions that we gather around a table and end up talking for hours the point of common bond of all We are always education. Each of them has a different political profile but we all agree that.

$0.04

1 vote

[-]

edje (69) · 7 years ago

You have some interesting people around you and great to read regardless of political colour, their is realisation on common ground on this topic. Science and the cleaver people are to little speaking in the mass public, that needs to change. From TV, to online, to conferences etc.

$0.00

[-]

teks (57) · 7 years ago

Again I can not agree more with you. Knowledge has no ideologies and transcends all of them and is also the only tool that allows us to be free thinkers.

$0.04

1 vote

[-]

teks (57) · 7 years ago

Of course I agree that the little intimacy that remains is regulated and protected. What I do not agree with is that you take full responsibility for small businesses. That is the conclusion I have had in reading the law.

$0.00

1 vote

[-]

edje (69) · 7 years ago

Yeh, the SME and Large companies have to obey the same law. The fines are kinda related to size of company, through the percentage of world revenue, but the start fines are so big that a tiny company will go bankrupt when it needs to pay the fine. As suggested in the second part of my previous comment, I think we need to look at the issue at a different way, to solve it in a different way so that 1) the consumer / individual is protected 2) SMEs can exists and survive 3) big corporates cannot become the Big Brothers. The later explained: for instance FB already knows a lot about the individuals, when the can add lots of data from other sources they know even more and in the end it are these big companies who will go the last mile in collecting ALL data in the world to be able to control the individual as much as possible. A different way of looking at things would be, the deny a company getting bigger than such and such, ie force big companies to become small companies. I know this is against many believes, that of free market, that of lower government influences etc etc, but that will solve many issues and creates a more equal competition level and then any money that needs to be invested in obeying security regulations will be more or less the same drain for all companies that will then be transferred into the consumer price levels of the products and services by all companies in more or less similar percentages. That requires all companies to be pretty small though :)

$0.00

[-]

serkagan (65) · 7 years ago

$0.00

Reveal Comment

[-]

edje (69) · 7 years ago

Good what?

$0.00

[-]

leoplaw (67) · 7 years ago

@serkagan is a spam/bot account, take a look at the profile, no posts, but similar comments everywhere.

$0.03

1 vote

[-]

edje (69) · 7 years ago (edited)

Thank you for the check and warning, reason why I asked the question and didn't gave a comment upvote. Thanks for the flag BTW.

EDIT: wow indeed, the variation is "SUPER"and "GOOD"... didnt see that many SUPER GOOD lol

$0.00

[-]

leoplaw (67) · 7 years ago (edited)

We all need to flag these guys because they are earning from this. The trouble is they are now starting to use bots. Read the following article. We are a facing a tsunami.

Case 7: raping the reward pool with 1700+ accounts - things are getting serious!

$0.00

[-]

edje (69) · 7 years ago

Are you on Steemit.Chat or Discord?

$0.00

[-]

leoplaw (67) · 7 years ago

Steemit.Chat, yes, but rarely. Why?

$0.00

[-]

edje (69) · 7 years ago

I like to chat with you on a program I like to launch on Steemit to fight abuse of all sorts; Maybe you are interested to join the team. The ambition level is high for the program.

$0.00

Show 4 more replies