Summary: A new privacy law could change the way people use the internet.
Have you been receiving a stream of privacy emails from every random company you had ever given your address to lately? The reason for this is that the European Union has passed sweeping new online privacy regulations, and the rules will give EU residents greater control over their online data. But how does this new law affect those in the United States and other countries?
What is the EU’s new privacy law?
Starting on Friday, the General Data Protection Regulation, or GDPR, will go into effect. It allows EU residents the right to know how their personal data is being used online and the ability to erase this data. Websites and apps must now inform EU users before data collection, and they also must disclose how that data is being used.
How does this affect those who use the internet?
To comply with the GDPR, websites such as Facebook have to now explain their algorithms to EU residents. As many of us know, algorithms are used by websites to determine what we like based on how we interact with their websites. For instance, if you Like certain pictures on Instagram, you may notice that similar pictures are recommended to you in the Explore function or that ads are catered to your desires.
According to Vice, “Ccertain provisions under GDPR give people a new “right to explanation,” as legal experts call it, to avoid a Kafkaesque future where people can’t question the decisions made by artificial intelligence that affect everyday life. GDPR articles 13, 14, 15, and 22, for example, refer to instances of automated decision-making that produce “legal” or “similarly significant” effects. Those cases could include a credit application or online job recruiting software, where people may have the right to “meaningful information about the logic involved,” according to the law, in a decision made entirely by an algorithm.”
For those who use the internet in the EU, they now will be armed with this new information and have the power to take back control over what companies do with it. And since EU residents will be informed about how algorithms work, that information is also likely to be decimated worldwide.
What are the penalties to those who break the law?
Websites that do not disclose what they do with their EU users’ data and how they collect it can be fined up to $20 million euros or 4% of a company’s global annual revenue. Although this only applies to users in Europe, this law affects American companies that can be viewed in those countries. Thus, most tech companies would rather play it safe and extend the GDPR rules to all users instead of making separate algorithms for European and non-Europeans.
Vice said that the GDPR will have a significant impact on tech companies because they have relied so heavily on algorithms to provide bespoke experiences for users so that they will stay on sites longer and click on personalized ads or buy more products.
“That’s why tech companies have always refused to disclose the inner workings of their algorithms, which they consider trade secrets. But with GDPR, they might no longer have a choice,” Vice said.
After only one day of the GDPR going live, Facebook and Google were sued for $8.8 billion, according to The Verge. The tech giants were hit with multiple lawsuits that were filed by Austrian privacy advocate Max Schrems.
- Audit of Facebook to Begin
- Federal Trade Commission Investigating Facebook after Cambridge Analytica Scandal
- Facebook Sued for Discriminatory Job Ads