Online privacy laws have undoubtedly become a prevalent topic in recent years. Inhabiting Europe, we are continuously strafed by pages wanting to gather personal information on us for their marketing needs. As we continuously consent to cookies and abstract ideas of a website watching us, what is the true point to all these incessant measures?
The milestone EU General Data Protection Act (GDPR) that went into effect in 2018 is, arguably, one of the most concrete changes in our digital privacy lives. Frequently cited, the GDPR proved to become an important basis for numerous trials and government-tech inquiries. A recent example can be seen in the February 2022 French ruling where Google Analytics was concluded to violate the GDPR laws, the National Commission on Informatics and Liberty declaring, “There is therefore a risk for French website users who use this service and whose data is exported”. Furthermore, Meta had come under recent fire for threatening to pull services from the EU, unveiling in its annual report to the U.S. Securities and Exchange Commission that it would “likely” cease Facebook and Instagram branches if its data transferring would continue to be hindered by the GDPR Act. The response was enthusiastic; French Finance Minister Bruno Le Maire encouraged Zuckerberg to follow through on his word, confirming life was “very good” without Facebook. Promptly after the alleged plans had broken, Meta had refused such a stance.
So, why care at all?
Our data holds several roots of importance: such ranges from ad targeting to informational profiling.
Analysis of such events can trace back to figures such as Edward Snowden. Charged with espionage, Snowden uncovered, among other points, the existence of NSA, FBI, and Britain’s Government Communications Headquarters’ permission for direct access to numerous servers, including Google, Facebook, Microsoft, and Apple. Additionally, the NSA issued a court order to the United States’ telecommunication company Verizon to remit its data of numbers dialed and duration of calls. In essence, these government agencies could build algorithmic profiles of any person around the world, regardless of if they consented to the United States or United Kingdom informationally profiling them.
It is no wonder why Europe had settled on the creation of the GDPR. With the seven core principles of lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability, the British Information Commissioner’s Office remarks, “You should identify the minimum amount of personal data you need to fulfil your purpose…You should hold that much information, but no more.” Indeed, information is needed to run many businesses and facilitate growth—even for small businesses. Many rely on the tools provided by Big Tech companies to facilitate their growth and reach a target audience; without it, many small businesses in today’s economic sphere would not gain a sustainable reach. Furthermore, we may even encourage such targeted ads to recommend products we may have never come across otherwise.
There are myriad situations where our data is encouraged to be admitted. At this point in the world, it seems that clicking “accept all” is the much more utility-fulfilling option in comparison to its “manage cookies” counterpart.
With all being said, the question begs, would you sacrifice your data for ease of use?