What is the GDPR and How Can America Learn From It?
With tech companies’ misuse of customer data becoming all too normal in today’s age, America is falling behind in establishing safeguards for your personal information when online. From broadband providers to large Silicon Valley companies like Google and Facebook, it has become clear that your private data is a valuable commodity, and the institutions we are entrusting it to are doing little to nothing to properly protect it. This is exactly how big companies want it to be – giving minimally to empower the consumer when it comes their data. This is so because if the masses were to opt out of data monetization schemes, companies like these would see a massive drop in revenue.
While America is lagging behind the curve in protecting consumers data, the European Parliament voted to approve a major reform to data protection across the entire EU, called the General Data Protection Regulation (GDPR). This new law, which went into effect in late late May, will ensure that data collection and sales are more transparent to the average consumer. The new GDPR rules require that companies will provide easy-to understand opt-out tools, alert consumers of data breaches within 72 hours of learning about it, and allow users to download and retain a complete copy of their own private data. Perhaps the biggest ability it gives users is the authority to withdraw consent to share at any time.
With these new rules, the GDPR makes the idea of privacy protection an absolutely required practice, something not in place here in the United States. Rather than it being a required practice here, corporations have successfully convinced us that it is okay to simply rely on a kind of “public shame” to keep these companies on their best behavior when it comes to data protection and privacy.
Although the GDPR seems like an all around solid law that finally gives back some of the power to the consumers, it is not without its critics. Some have expressed concerns that the GDPR will have a negative impact on free speech, citing the “right to be forgotten” clause that requires companies to delete any illegal or inaccurate information about someone offline. Experts worry that this power has the potential to be abused by consumers, with the law providing no meaningful barriers to bar illegitimate removal requests.
While the GDPR has no effect on U.S. citizens’ data, European lawmakers hope the proposal will influence other countries to follow suit in the coming years. With the high amount of privacy abuse and hacking scandals that have racked the tech world in the U.S. recently, that day could potentially come sooner or later. Until then, tech companies in the U.S. will continue to push a sense of impassivity as the preferred solution to data privacy.