European Union data privacy rules can help those in the U.S.
You probably haven’t heard of the General Data Protection Regulation but chances are, you’ve heard of Facebook.
And the social media behemoth’s current problems with data privacy make next month’s European Union implementation of regulations related to the General Data Protection Regulation, or, more briefly, GDPR, even more relevant here in the United States.
So, just what exactly is GDPR? For an answer, I turned to Tim Sullivan, senior vice president of marketing data services at Downers Grove-based Allant Group, an advanced data analytics and campaign management company.
Allant Group gives its global clients highlevel analysis of their existing and potential customers, so the company has a vested interest in understanding the new European directive.
Sullivan explained that GDPR is a legal framework that gives guidelines for collecting and processing people’s personal information in the European Union.
Along with defining the rules around data collection and management, GDPR specifically addresses individual rights — and what happens when companies violate those rights, leading to substantial fines. GDPR covers every business that handles EU citizens’ data, so in addition to companies like Facebook, Google, Twitter and Amazon, it will also require compliance on the part of banks, insurance providers and other financial institutions.Sullivan highlighted some of the biggest wins GDPR provides for people regarding their personal rights: ¦ The right to clearly stated marketing messages that contain details explaining future use of personal information.
¦ The requirement that users opt in to any future use of their data; opt-out will no longer be permitted as a default.
¦ The right to access the data controller or the data protection authority.
¦ The right to permanent erasure of personal information upon request.
¦ The right to restrict the use of personal information in part or in whole.
¦ The right of data portability, which allows individuals access to all the information a data controller holds on him or her, as well as the ability to request that data be moved to an alternate data controller. (An example of this might be a consumer’s desire to move all of his/her data from one credit bureau to another.) ¦ The right to object to the accuracy or business use of personal data.
¦ The right to correct inaccurate data.
¦ The right to be notified within 72 hours of detection of a breach.
You might be thinking, “This is all well and good for people in the European Union, but what does it mean for us?”
For the perfect example, we return to Facebook, and the data about Facebook members it was recently revealed to have allowed Cambridge Analytica to access.
People’s response to the sale and manipulation of their personal data illustrates they want and need better control over their personal information. And, because Facebook is a global company that serves millions in the European Union, it has implemented the processes and controls necessary to met GDPR standards. As a result, Facebook users outside the EU also will benefit from the transparency.
Though companies could theoretically address customers in the European Union differently than those elsewhere, major players on the world market have made the calculation that the additional monetary and customer goodwill costs this would entail are not worth the price.
For this reason, major players in the global market have all indicated they will be GDPR compliant.
If you are interested in accessing and/or modifying the personal data that has been collected about you by the global companies with which you regularly interact, you will have to reach out to each individually.
Though you will be able to view reams of information, including every post and review you’ve ever made, every product you’ve ever ordered, a recording of every Alexa voice request you’ve ever spoken and all the advertisers and apps that have been given your information, your options vary as to what you can do to modify your history.
Your best bet to tackle this project is to search “How to download personal data from (fill in the company name).”
Need help? Send your questions, complaints, injustices and column ideas to HelpSquad@pioneerlocal.com.
Cathy Cunningham is a freelance columnist.
And the social media behemoth’s current problems with data privacy make next month’s European Union implementation of regulations related to the General Data Protection Regulation, or, more briefly, GDPR, even more relevant here in the United States.
So, just what exactly is GDPR? For an answer, I turned to Tim Sullivan, senior vice president of marketing data services at Downers Grove-based Allant Group, an advanced data analytics and campaign management company.
Allant Group gives its global clients highlevel analysis of their existing and potential customers, so the company has a vested interest in understanding the new European directive.
Sullivan explained that GDPR is a legal framework that gives guidelines for collecting and processing people’s personal information in the European Union.
Along with defining the rules around data collection and management, GDPR specifically addresses individual rights — and what happens when companies violate those rights, leading to substantial fines. GDPR covers every business that handles EU citizens’ data, so in addition to companies like Facebook, Google, Twitter and Amazon, it will also require compliance on the part of banks, insurance providers and other financial institutions.Sullivan highlighted some of the biggest wins GDPR provides for people regarding their personal rights: ¦ The right to clearly stated marketing messages that contain details explaining future use of personal information.
¦ The requirement that users opt in to any future use of their data; opt-out will no longer be permitted as a default.
¦ The right to access the data controller or the data protection authority.
¦ The right to permanent erasure of personal information upon request.
¦ The right to restrict the use of personal information in part or in whole.
¦ The right of data portability, which allows individuals access to all the information a data controller holds on him or her, as well as the ability to request that data be moved to an alternate data controller. (An example of this might be a consumer’s desire to move all of his/her data from one credit bureau to another.) ¦ The right to object to the accuracy or business use of personal data.
¦ The right to correct inaccurate data.
¦ The right to be notified within 72 hours of detection of a breach.
You might be thinking, “This is all well and good for people in the European Union, but what does it mean for us?”
For the perfect example, we return to Facebook, and the data about Facebook members it was recently revealed to have allowed Cambridge Analytica to access.
People’s response to the sale and manipulation of their personal data illustrates they want and need better control over their personal information. And, because Facebook is a global company that serves millions in the European Union, it has implemented the processes and controls necessary to met GDPR standards. As a result, Facebook users outside the EU also will benefit from the transparency.
Though companies could theoretically address customers in the European Union differently than those elsewhere, major players on the world market have made the calculation that the additional monetary and customer goodwill costs this would entail are not worth the price.
For this reason, major players in the global market have all indicated they will be GDPR compliant.
If you are interested in accessing and/or modifying the personal data that has been collected about you by the global companies with which you regularly interact, you will have to reach out to each individually.
Though you will be able to view reams of information, including every post and review you’ve ever made, every product you’ve ever ordered, a recording of every Alexa voice request you’ve ever spoken and all the advertisers and apps that have been given your information, your options vary as to what you can do to modify your history.
Your best bet to tackle this project is to search “How to download personal data from (fill in the company name).”
Need help? Send your questions, complaints, injustices and column ideas to HelpSquad@pioneerlocal.com.
Cathy Cunningham is a freelance columnist.
PREVIOUS ARTICLEArticle 74 of 74
