Written by Kayla Matthews
The General Data Protection Regulation, or GDPR, is a recently enacted E.U. law formed to protect users’ data and privacy online. Social media and other websites and apps use data and take information off of devices every day, adding this information to the Internet of Things (IoT) or outright selling it to companies. The data is then usually used as a resource to make marketing, security, or other aspects of life better. Sometimes, however, data and information are used for nefarious purposes.
The GDPR was put in place to protect users from those nefarious points of contact, but it’s a difficult law to regulate. Technology is always advancing at a faster pace than some people can keep up with, much less old programs or laws. Devices are outdated within a year, so keeping our laws up to date is a handful. As a result, some parts of the United States are trying to get ahead of the game.
The Wake-Up Call
Facebook’s very public testimony to Congress during the Cambridge Analytica scandal in early 2018 was the beginning of the end of unregulated data. The aforementioned nefarious plotters were Cambridge Analytica, but much of the blame fell on Facebook and CEO Mark Zuckerberg for knowing about the attack in 2015 and not reporting the information.
The GDPR forced Facebook to announce the new wave of attacks in 2018 to the public, as companies are now allowed only a window of 72 hours before informing everyone of a breach. Now, after the scandal has been made known, California passed a law allowing users to sue companies for damages in the event of similar attacks. A law like this could have potentially destroyed Facebook during the scandal if it had been passed a few months earlier.
Businesses in the Crossfire
Some people have spoken out against higher regulations than the GDPR, and these groups aren’t just restricted to big business. There have been arguments made of regulations being harmful to small businesses and companies who lack the resources to carry out the new laws. There’s something to be said against micromanaging, but the regulations are meant to protect users, not make businesses more comfortable.
The GDPR already enforces data usage, storage, processing, and other standards for every point of contact data makes within a company. Businesses using data for any reason, including advertising or location tracking, are also subject to these laws. While regulation is a good thing for users, taking the consideration of all businesses into account is the best way to continue moving forward.
Protecting Data and Privacy
“I see privacy as one of the most important issues of the 21st century,” said Apple CEO Tim Cook. “I’m not a pro-regulation kind of person … [but] when the free market doesn’t produce a result that’s great for society, you have to ask yourself, ‘What do we need to do?’ And I think some level of government regulation is important to come out of that.”
While data can be a great tool and has been used for good in the past, not everyone wants to use this data for the good of all. In the case of Cambridge Analytica, one bad seed has ruined the entire batch. Privacy in the age of technology is almost impossible to have, whether or not you use social media, so having some regulation is much better than having none.
What Will Happen to Data?
Data will never go away, not as long as the internet exists and people want to get ahead of the competition. Tougher regulation, however, is coming very soon. Ideally, it wouldn’t take another major scandal to force every country to be more serious about data privacy. Regardless, regulations are going to happen one way or another. It’s just a matter of time.