Are you unknowingly letting companies use your data?

It's May 25 and GDPR has come into effect. Companies need your consent before they can use your data. Click with caution.
25 May 2018

GDPR is here, and your inbox is filled with disclaimers. Source: Shutterstock

If you’ve been online for more than a few months, you have, at one point or another, given away your email address and other personal or sensitive data to companies.

Ideally, these companies will be in the process of getting in touch with you – and they’re going to do one important thing: seek your consent.

In 2016, the European Union (EU) passed the General Data Protection Regulation which came into effect today.

Although applicable to only those companies that deal with EU citizens and residents, it’s got companies running helter-skelter, worried about compliance. Partly because non-compliance will cost them 4 percent of their “worldwide” revenues or EUR20 million (US$24 million approx), whichever is higher.

Why’re the sending me an email?

The GDPR places great emphasis on consent. In fact, it makes it illegal for companies to use your data if you haven’t explicitly provided consent. The law devotes several articles to clarify the notion of consent.

It says that consent must be freely given, specific, informed, and an unambiguous indication of the data subject’s wishes (the user’s wishes) which by a statement or by a clear affirmative action, signifies agreement to processing.

The request for consent must be presented in a manner clearly distinguishable from other matters in an intelligible and easily accessible form, using clear and plain language.

It also says that the data subject must be able to easily withdraw his or her consent at any time and must be informed of this right in advance.

In order to meet these criteria, companies are sending you emails. To get you to give them permission to use your data.

Okay, so what should I do now?

Well, the first thing is: Be very liberal with that click. Don’t click on “I agree” very easily (or without reading). Don’t “opt-in” to things that you’ll regret later.

This is not the time to give in to the fear of missing out. This is the time to understand who you’re giving permission to use your data and how it’s being used.

Effectively, this is your chance to wipe your slate clean (as far as possible), all thanks to the EU and the GDPR.

So, when you check your inbox, be careful and read the fine print. It’ll take a little longer but you’ll get what it means, and you’ll be able to build yourself a checklist of companies you’ve permitted to use your data.

That list will come in handy when you want to exercise your right to be forgotten – another right bestowed upon you by the GDPR.

How do I protect myself?

Well, read. If you read, you’ll be able to protect yourself easily. When anyone sends you an email about new policies or terms of service, refrain from clicking on big, shiny buttons so you can move on to the next email.

Instead, read. Investigate. What’s the change? What are they doing? Who will get your information and how will the company use it? Will they sell it? Will they own it in any way? What is the process for you to have them erase your data? Learn more before you act.

If these emails lead you to another page with a LONG document that’s too complex to understand, well, here’s a tool you might like to consider: Pribot. The company offers two solutions: Polisis and PriBot.

The first, Polisis, is a unique way of visualizing privacy policies. Using deep learning, it allows you to know what the company is collecting about you, what it is sharing, and much more. You don’t have to read the full privacy with all the legal jargon to understand what you are signing up for.

The second, PriBot, is an automated question-answering (QA) chatbot for privacy policies. You can ask it questions about any privacy policy (given that it can grab it). It then uses the policy to answer, in real time with high accuracy and relevance questions that are posed in free-form.

Using these, you should be able to scan through those mighty privacy policies with ease.

The GDPR gives people all over the world a shot at a clean slate when it comes to managing their data and keeping it private. Be patient and choose carefully.