Monday, April 09, 2018


Do you remember what that stands for?

"There ain't no such thing as a free lunch"

And that is true about the internet, it is not free! You are paying for it with your personal data!

The big brouhaha over Facebook with a number of my friends leaving Facebook is not an isolated event, all the social media sell your data. When you click on “I agree” for an app you just agreed to let them harvest your personal data (I joke that you just agreed to give away your first born child and it is not far from the truth), the web browsers that you use also collect your personal data, the website that you visit also collects you search data, even when you use “incognito” some of your data is collected by the websites you visit, some apps even collect you physical location,* and your internet provider is also collection data on you.

So what can we do to stop this?

No much.

You see Congress has decided not to act on data collection on their citizens unlike Europe (I think you are going to see a big dog and pony show over the Facebook but in the end nothing meaningful will be do done. Why? Because there is BIG MONEY to be made off of our data.).

So let’s take a look at Europe…
Data protection and privacy
Collection and processing of personal data
EU data protection rules mean that your personal data can only be processed in certain situations and under certain conditions, such as:
  • if you've given your consent (you must be informed that your data is being collected)
  • if data processing is needed for a contract, for a job application or a loan request
  • if there is a legal obligation for your data to be processed
  • if processing is in your 'vital interest', for example if a doctor needs access to your private medical data when you've had an accident
  • if processing is needed to carry out tasks in the public interest or tasks carried out by government, tax authorities, the police or other public bodies
Personal data about your racial or ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade-union membership or health may not be processed except in specific cases (e.g. when you've given explicit consent or when processing is needed for reasons of substantial public interest, on the basis of EU or national law).
These rules apply to both public and private bodies.

Processing personal data
The person or body handling your data is called the 'data controller'. They have to respect EU rules about how they handle and store your personal data:
  • your data can only be collected for clearly defined legitimate purposes
  • the data requested from you must not be excessive
  • data which identifies you as an individual (i.e. your name or contact details) must not be kept any longer than needed
  • you must be able to correct, remove or block incorrect data about yourself
  • your data should be protected against accidental or unlawful destruction, loss, alteration and disclosure
If sensitive personal information is stolen, lost or illegally accessed – known as a 'personal data breach' – the provider must report it to the national data protection authority. The data controller must also inform you directly if there are any risks related to your personal data or privacy due to the breach.

Your privacy in electronic communications (internet and mobile phone networks)
EU rules on personal data protection and privacy in electronic communications cover internet communication, such as access to internet, and communication via mobile and fixed phone networks.
Your service provider must comply with the following rules:
  • confidential communications – banning the listening into, tapping or storage of communications without your consent
  • secure networks and services – ensuring that electronic communications providers put measures in place to ensure their services are secure
  • data breach notifications – if a provider experiences a security breach that leads to the loss or theft of personal data, it has to inform the national authority and, in some cases, the subscriber or individual
  • traffic and location data – this data must be erased or made anonymous when no longer required for communication or billing purposes, except if you've given your consent for it to be used in another way (or if required for law enforcement purposes)
  • spam – you must give your consent before unsolicited commercial communications (known as 'spam') are sent to you. This also covers SMS text messages and other electronic messages
  • public directories – you have to give prior consent before your telephone number, email address and postal address is listed in a public directory
  • caller identification – you must have the option for your telephone number not to be shown when you make a call.

What about cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. Cookies are widely used to make websites work more efficiently by saving your preferences. Tracking cookies are also used to follow your internet use as you browse, make user profiles and then display targeted online advertising based on your preferences.
EU rules mean that any website using cookies has to inform you that they use cookies, and you have to give your consent. You should always have the option to deactivate or to not accept cookies on your device. You also have the right to know how the cookie information will be used.
The right to be forgotten
You have the right, in certain cases, to ask data controllers to correct, remove or block incorrect data about yourself. This is known as 'the right to be forgotten'. These rules also apply to search engines, such as Google, as they're also considered to be data controllers.
You can ask for links to personal information about yourself to be removed from a search engine where the information is inaccurate, inadequate, irrelevant or excessive for the purposes of data processing.
What if your data is collected illegally or misused?
If you think that your data is not being handled according to the rules or has been processed illegally, you can send a complaint to the data controller (the person or body processing your data).
You have the right to:
  • ask for the data to be corrected, erased or blocked
  • demand that the data controller notify those who have already seen the incorrect data, unless this requires a disproportionate effort
If you don't get a reasonable answer from the data controller, you can send a complaint to your national data protection authority.
National data protection authorities
Each EU country has to have at least 1 data protection supervisory authority. They make sure that data protection law is correctly applied and handle any complaints about breaches of the rules.
You should send your complaint in writing to your national data protection authority. In some countries there is a standard form for complaints or complaints can be sent by email.
If the supervisory authority finds that data protection law has not been respected, it can order data to be erased or destroyed, and can ban further data processing by the data controller in question.
Search in the list of national data protection authorities.
Infringements of the ePrivacy Directive are sometimes enforced by a different national authority rather than the data protection authority. Search in the list of competent authorities for ePrivacy.
You can also present your case directly to the competent national court.
Wouldn’t it be nice if we had the same protection here… but alas it will never happen here.

* I bought a new car last year and the nav system shows the traffic information. I was like “wow, that’s neat” and I asked the dealer have long before I have to pay to get the information and he said “Its free!” Remembering TANSTAAFL I knew somehow they were making money off it so I researched it.

Do you know how they get the traffic information? It is through your phone. You phone is constantly sending your location to the phone company so that they know where to send your phone call through what relay tower; well somebody thought… gee if we calculate the distance and time we will know how fast traffic is moving and if we rebroadcast it on a FM radio channel they will be able to see it on their GPS. So I doubt they are doing this out of the kindness of their hearts so somebody is paying for it? The car companies?

No comments:

Post a Comment