Privacy protection has been a major concern for Europe and its citizens—not so much in the United States. But the recent Facebook scandal and the GDPR could change that.
When it comes to privacy protection, Europe has been ahead of the United States for some time.
Americans, in general, don’t seem to mind that their data rights have been run roughshod for years. In the wake of the Edward Snowden scandal that revealed the massive NSA mechanism that has been collecting the phone calls, texts, and private communications of the entire country, the overall reaction was a nationwide yawn. Famed Brit John Oliver hit on this sad fact in a hilariously dark interview with Snowden.
And in recent years, the European Union has been more willing to fight back against data collection to protect the rights of its Web users than the US has. For example, the European parliament tried to get to the bottom of the ECHELON program back in 2000. Before that, there was the Safe Harbor Privacy Principle and Data Protection Directive, both originating in the EU. The EU even practices Data Privacy Protection Day.
Comparatively, the U.S. has data protection laws split up by state. But besides the Health Insurance Portability and Accountability Act, the Children’s Online Privacy Protection Act, and the Fair and Accurate Credit Transactions Act, there’s no unified legislation or regulation that restricts the procurement, storage, or use of personal data of its citizenry at large.
It seems, though, that Americans might finally be at a crossroads when it comes to demanding more protection for their personal data and clear and transparent laws about what’s done with their collected information. What did it take? Facebook.
The recent Cambridge Analytica scandal has blown the doors wide open on the major problems with private data collection that giant companies have created. From the #deletefacebook campaign to plummeting stocks, it appears that consumers have finally had enough. The average American has been made painfully aware of the fragility of their online presence and the unwillingness of companies and governments to protect it.
That also makes the General Data Protection Regulation, a set of laws about to take effect in May, right on time. Even though it originates in the EU, the global nature of the Internet means every company that manages and shares the personal data of EU users must adapt to new rules at the risk of maximum penalties that could result in huge fines.
The GDPR puts more power in the hands of the users. Whether they live in the EU or U.S., ideally, users will no longer have to wade through hundreds of pages of text to authorize “consent.” Instead, the GDPR will force companies to inform customers in plain language of the amount and type of information collected, how it will be used, and who it will be used with. The GDPR will also allow data subjects to see, delete, or download all that data at their choosing—in other words, revoke consent. A situation like the one with Cambridge Analytica and Facebook will hopefully never have to arise again.
If privacy truly is a fundamental human right, as some major CEOs say, enterprise companies will need to do more to make that right a reality. With the GDPR quite literally around the corner, companies now have their chance to adjust current practices, reach compliance, and guarantee the human right that is data privacy protection through maximum transparency and greater security by way of strong encryption.
Recommended for You