The implementation of the General Data Protection Regulation (GDPR) has its advantages and disadvantages.
Even if the GDPR has been enforced since May, many huge tech firms are still invading the consumers’ data security and privacy. Several considerable efforts and acquiescences have been observed by regulators. However, consumers had the perception of being pushed or harassed at the same time by large enterprises into approving to business as always. This depicts a clear violation of the new regulations.
The GDPR’s objective is to rectify the alarming discrepancy of authority between large tech companies and the consumers. It aims to provide the people with more governance over their data security and privacy. Giant firms will be held responsible for everything that they do with it. The new regulations supersede the 1995 Data
Protection Directive that mandated national legislature in each of the 28 European Union countries to be implemented. There will only be one rulebook for the largest data privacy queries, and big tech companies will now have one help desk rather than 28.
Just like the old memorandum, the new guidelines necessitate that the procedures for personal data should be legal and fair. To legally process them, companies must identify the most suitable basis accordingly. The most usual approach is to acquire the data with the provided and notified permission of the owner.
A company can likewise have a lawful interest to use information if its only purpose is for pure business only and will not harm the data security and privacy of an individual. If for example, a person is ordering food from a restaurant, it is just right to provide his name, phone number, and full address for delivery. What is not right is if the restaurant shares or sells their customers’ information to other establishments.
Another condition of legal data processing concerns contracts between a company and client. When a consumer bought a product online, a contract has been established. However, in order for the contract to take effect, the consumer must provide his credit card information and delivery address for sending the merchandise.
Based on the new GDPR rules, a contract cannot be used as a basis to acquire permission for the owner of the information. Some if not the most, it looks like companies depend on the take-it-or-leave-it contracts to confirm their quick data procedures. One of the large questions is the coverage to which a company can explain the gathering and utilization of enormous amounts of data in exchange for a “free” service.
Big companies are not only after data security and privacy. They also want to know where the user has been and what activities have been made. Google is one good example, and even if the location history is disabled, it can still track the users. This study which the Princeton University researchers confirmed has pissed the US legislators.
The controversy could impact up to two billion users of Android and Apple devices that utilize Google maps or search. Google gave away that it provided clear details of its tools and the instructions to turn them off.
“There are a number of different ways that Google may use location to improve people’s experience, including Location History, Web, and App Activity, and through device-level Location Services. We provide clear descriptions of these tools, and robust controls so people can turn them on or off, and delete their histories at any time,” Google said.