Putting EU Citizens in Control of Their Data

Mozilla Fellow Aleksandar Todorović talks privacy and the EU’s General Data Protection Regulation (GDPR)

Mozilla
Mozilla
Apr 4, 2018 · 2 min read

May 25, 2018 will be a landmark day for the internet.

In about two months’ time, the European Union’s General Data Protection Regulation (GDPR) will go into effect — a sweeping measure that gives citizens more control over their personal data. Drafted over the course of several years and finalized in 2016, the GDPR “focuses on ensuring that users know, understand, and consent to the data collected about them,” WIRED reports. “Under GDPR, pages of fine print won’t suffice.”

The EU’s GDPR will take effect May 25, 2018 | Flickr via Yanni Koutsomitis

The new regulation will replace the union’s current, 20-year-old data protection directive, which was created when just one percent of Europeans were online. And in the northwestern corner of the continent, Aleksandar Todorović — a Mozilla Fellow embedded at Bits of Freedom — is helping build a public-interest tool for the GDPR era.

“The basic idea is to make a web portal that will allow citizens to send requests to internet companies relating to their personal data,” explains Todorović, an information security expert based in Amsterdam. “You can request to see what data companies have about you. You can request to modify that data if it’s incorrect, or you can delete that data, or you can export it.”

The tool, titled My Data Done Right, is slated to launch in June. A progressive mobile app will follow. The tool is built using the code from Access My Info, a similar, open-source project by Citizen Lab in Toronto.

Once the GDPR takes effect, Todorović says its data minimization principle will create a healthier internet ecosystem. “The principle states that data can only be obtained for ‘specified, explicit and legitimate purposes,’” Todorović explains. “By having that statement as a part of the regulation, I believe that companies will ask ‘Do I really need that data point?’ when developing new products or features.”

Todorović says the mood in Europe, on the eve of GDPR implementation, is complicated. “The privacy sector is very excited,” he notes. Meanwhile, developers outside of Europe are scrambling to meet the law’s requirements before May 25. Todorović notes the implementation comes at an auspicious time, when stories like the Facebook-Cambridge Analytica scandal are making global headlines.

In all, Todorović sees the GDPR creating an environment where personal data is more easily controlled by those who create it: “I predict that the end users will exercise their rights a lot more frequently.”

Todorović also says the regulations can have a ripple effect, empowering users beyond Europe’s borders: “I also firmly believe that the features related to GDPR compliance, once implemented, will not be limited to EU citizens.”

Mozilla

Written by

Mozilla

We're a global community dedicated to making the web better and more open for all. Join us to imagine, build & teach the web's future.

Read, Write, Participate

What Mozilla is thinking, building and doing about internet health.

Mozilla

Written by

Mozilla

We're a global community dedicated to making the web better and more open for all. Join us to imagine, build & teach the web's future.

Read, Write, Participate

What Mozilla is thinking, building and doing about internet health.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store