G-D-P-R U Ready for a Revolution?
There is a war going on for your mind.
Well, more like for what’s on your mind. Or, even more accurately, for your personal data. But that doesn’t have quite the same ring to it.
Unless you’ve been living under a rock with no WiFi access, you’ve probably noticed a certain kind of email piling up in your inbox lately. Companies across the web, from fitness apps to dating sites, are updating their privacy settings, and they want to let you know. In fact, they need to let you know. Because if they don’t, they might be in hot water.
On May 25th, the long-awaited General Data Protection Regulation (or GDPR) officially went into effect in the European Union. The legislation is designed to put control of data back into the hands of users. And while it does not technically apply in the United States, the global nature of the internet obviously means that companies all around the world are being affected.
Some would say that these protections have been a long time coming. For the last several years, the news has been awash with horror stories about data misuse. Companies like Equifax and Target have lost massive amounts of their customers’ valuable personal information. In other cases, nefarious third parties — or even just advertisers — have taken liberties with data, using it to monitor and manipulate unsuspecting internet users.
No more, says the EU. The GDPR places tight restrictions on how long companies can hold onto customer data, and how they can use it — and requires that they obtain explicit, informed consent from customers before collecting or using that data in the first place. In addition, companies are required to hire a Data Protection Officer, and take other measures to ensure a data breach does not occur.
While this will make life considerably more difficult for many online companies, the European Parliament appears to have little sympathy. According to a New York Times article written just before the Regulation went into effect, legislators see the law as part of a “strong European tradition” to protect environmental and public health, regardless of the effects on private commerce.
The world of private commerce, in turn, is pretty upset. Many are concerned that the GDPR — along with the upcoming, even more stringent ePrivacy Regulation — will do more harm than good. A lot of current developments, like self-driving cars and IoT technology, depend on insights gained from big data. If the source of this data is cut off, some companies argue, technological innovation will come to a screeching halt.
But the implications of the GDPR go deeper than just a few companies losing their revenue streams. Corporations like Google, Amazon, and Facebook have been collecting data for as long as they’ve been around; in many ways, the exchange of personal information is the business model of the contemporary internet. We may be witnessing the start of a long-overdue reckoning over the way we treat our personal information — and over what we’ll let corporations get away with.
A recent Forbes opinion piece framed this reckoning as “The Next Cold War,” a description that is dramatic but not entirely unfounded. On one side of this war are those — like the European Parliament — who believe data is the inalienable property of the individual. On the other side are those who view data as just another commodity to be traded on the free market. It’s a timeless debate — regulation versus free trade — outfitted in the garb of the data age.
There are appealing arguments on both sides. On the one hand, there clearly needs to be some kind of rulebook for what corporations are allowed to do with customer data. The alternative is to give them a free pass, which has already been proven to have disastrous effects. The right to privacy is an important one, and it needs to be carefully weighed before moving forward.
On the other hand, the advances facilitated by wide scale data analytics aren’t just good for corporations; ultimately, they could improve society at large. Solutions in the field of healthcare and sustainability are just some of the ways big data could be an indispensable part of a brighter future. Is it worth it to sacrifice some amount of privacy for a long-term, greater good?
I don’t know the answer to these questions: if they were simple and self-explanatory, it wouldn’t be much of a debate. From my position inside of the data industry, I have seen firsthand how game-changing some of these technologies can be. But I also remain wary of the risks we face if we don’t move forward in a conscientious manner.
Regardless of what decision we as a society eventually come to, I appreciate that this debate is happening in a public forum. For too long, people have been ignorant of how valuable their data is, and who has been using it. This era of ignorance is over. It’s up to all of us — not just people in the industry — to decide what our next step will be.
By: Joseph Green