Connect with us

Technology

GDPR transformed the internet in 2018, and it’s not done yet

Published

on

Time seems to work differently when you spend your days online. The memes, moments, and scandals that feel like ages ago are often really only months, weeks, or even days in the past — and what was once unthinkable quickly transforms into how it’s always been. 

The General Data Protection Regulation, known as GDPR, only went into effect on May 25 of 2018, but by now the regulation has reached so far into the everyday life of the internet that it’s becoming harder to imagine a time before. Things online are changing as a result of GDPR, even if you have to  to remind yourself of that fact, and as we move toward closing out 2018 it’s important to take a moment to explore just what those changes are — and the battle that’s still to come. 

For starters, it’s worth noting what GDPR even is. 

According to the European Commission, GDPR is “one set of data protection rules for all companies operating in the EU, wherever they are based.” The end result of this, we are told, is that “people have more control over their personal data,” and “businesses benefit from a level playing field.”

Sounds good, right? For the average internet user, that very much appears to be so. For example, GDPR dictates that companies must notify their users of data breaches that could affect said users. With huge breaches seemingly happening all the time, this requirement is vital when it comes to  ensuring that people are aware of just how much of their personal data is out in the wild. 

And, perhaps just as importantly, which companies are incapable of keeping user data safe.

Of course, that’s not all that GPDR mandates, and breach notifications are not the only result of the new regulations. Notably, GDPR introduces some much-needed teeth to the internet equation. Companies can be fined hefty sums for failing to comply with the new rules, specifically “up to €20 million or 4% of global annual turnover.”

But all that’s been happening behind the scenes. The casual internet user, on the other hand, has likely come across GDPR in one specific form: the popup notification. You’ve surely seen it before, perhaps in the form of a dialog box interrupting your browsing to ask you to agree to the data collection that your site of choice engages in.  

“Consent is one of the legal grounds for processing data (together with contract, legitimate interest, legal obligations, etc.),” the European Commission notes in a warning to site operators and companies. “If you rely on it, consent should be given by a clear affirmative action.”

Click or go home.

Click or go home.

Image: Malte Mueller / getty

That action, of course, manifests itself as you clicking through to accept the terms and conditions stipulated by the GDPR-mandated popup. If you’re someone that regularly clears his or her cookies, then you’ll likely need to do it each and every time you visit the site in question. This, as yet another addition to the long list of ads and popups that require navigating through before you can access a webpage, is a pain.  

And if you don’t agree to hand over your data, but still want to access the site? 

Well, that’s where things get interesting. Electronic Frontier Foundation international director Danny O’Brien told Mashable over email that the popups themselves have become the latest battleground in GDPR compliance. 

“Importantly, for anyone still batting away those ‘I agree’ pop-ups, many of these [GDPR complaint] cases revolve around complaints that consent has to be ‘freely given, specific, informed and unambiguous’ — and that if you *disagree* with data collection that isn’t necessary for the service you’re getting, you should still be able to get that service, even if you decline,” he explained. “The regulators warned that this wasn’t legal under the GDPR.”

In other words, as they often currently manifest, the GDPR popups themselves may be in violation of GDPR. Fun stuff. 

So, are any of these efforts actually working as intended? Has all the time and money that’s gone into making the web GDPR compliant over the course of 2018 made a positive difference for the privacy and security of the common user? According to O’Brien, it’s still too early to tell — though we’ll likely know soon.

“The GDPR upped [regulators’] powers, and in many EU countries, [regulators] also upped their staff levels,” O’Brien explained. “But it takes a while for a really juicy complaint to make its way through the system, and we’ve yet to see the results of even the first complaints made under the GDPR.”

As that begins to happen over the course of 2019, and the financial and legal risks of noncompliance become tangible for companies around the world, we’re likely to see even more changes online as a result of GDPR. In other words, we’re just getting started on this regulation journey.

But hey, it’ll be over before you even notice. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f85091%2fa32d7063 b4aa 45e5 8762 30703ada18bd

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}

if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}

Continue Reading
Advertisement Find your dream job

Trending