“Privacy is essential. However, most of the world is yet to realize Privacy Legislations that individuals can trust, with the collection, usage and sharing of data about them.”
Browsing internet in a European city, a student opens a news website. He is greeted by a pop-up message asking for his consent to handle and use his private data. He clicks ‘OK’ and proceeds to read the latest news. This is the scenario after GDPR came into effect in 2018. But it is a rare example of giving user an option to decide how his personal information can be used.
In daily routine, everyone of us is responsible to protect our own information. However, with the internet, situation has become a bit more complex. Online services, social media, email, e-commerce, etc., all require us to interact with service providers, beyond national borders. This interaction involves collection and sharing loads of personal data, essential to personalize services and prepare a custom-made experience for users. At this point, Privacy kicks in.
Privacy is the right of an individual to control and dictate the use of his/her private data. Ideally, consent should be obtained before private data can be handled, stored, processed or exchanged. A Deloitte survey found that over 90% of consumers accept legal terms and conditions without reading them /1/. In today’s world, our information is managed by giant conglomerates and enterprises, that make our lives easier. The good news is that a common user does not receive a bill. e.g. services from Google or Microsoft are free, But they hold tons of personal information, preferences, usage history and trends, to name a few. On the other end, service providers, including, banks and telcos are also serving masses, collecting a wealth of information about their consumers.
Significance of Privacy
This is the reason why Privacy is important. Just imagine a data breach in a bank or your health provider’s network, leaking your personal health records and your financial details (e.g. Equifax breach). How much potential damage can it do to a person’s reputation! Hence, there is a need of having comprehensive privacy laws in each jurisdiction. Privacy Laws fundamentally safeguard consumer rights in traditional as well as digital environments. EU’s GDPR is a shining example of how such legislations can be done, in a favorable manner. Following the footsteps of European Union, several nations have already created or are working on their own Privacy laws. China, Brazil and India are worth mentioning here.
This proliferation of Privacy Laws is coincided by improved consumer awareness, regarding their right to privacy. Flagship privacy cases in recent years have not only sent aftershock to Governments and American companies in particular, but have also shaken consumers. As a result, a global debate around privacy is triggered, followed with intense coverage in electronic and print media.
Flagship Privacy Cases and their impact
One of the cases is of Edward Snowden, who revealed NSA tactics of monitoring and surveillance of consumer data. Consumers had no clue how their activities were being monitored by third parties. Another flagship case included Cambridge Analytica — a company owned by the hedge fund billionaire used personal information taken without authorization in early 2014 to build a system that could profile individual US voters, in order to target them with personalized political advertisements. To rebuild trust, companies are now willing to open-up about demand of surveillance from law enforcement agencies./2/
This has pushed governments to strategize internet with the aim to stop illicit practices breaching consumer privacy and confidentiality./3/ Some governments have introduced protective measures and made it compulsory for internet services to comply with national regulations on data and consumer privacy. Some countries have started work to develop new laws to cover inefficiencies in traditional laws./4/ According to Deloitte, the number of privacy laws has grown from 20 to 100 in recent years. As mentioned earlier, Europe took a leap forward and came up with General Data Protection Regulation known as GDPR. GDPR is a game changer that extends protection of EU citizens’ privacy worldwide.
Well-crafted Privacy Legislations are need of the day, to ensure consumer rights and enforce governments/companies to abide by them. Our generation demands an approach that is adaptable to ever changing world of technology, enabling progress and innovation, but setting boundaries to protect privacy.
Images from Pixabay.com
Basit Syed is a Security and Privacy enthusiast with an extensive background in technical leadership, architecture, design and SW development, working with clients around the world.
Noman Jelani has a deep Telecommunication Policy and Regulation background, being involved with National Telecommunication Authorities in Middle East and South Asia.