Want more online privacy? Move to Europe
Where you live can impact how companies protect the data they collect on you. This is important. Why? Your devices are nosy creatures. They listen. They watch. And they collect information about you every time you launch them— and sometimes when you don't. True, we've usually given our cameras, speakers and apps permission to store the minutiae of our lives: we've checked yes on those densely written user agreements.
Often, though, we don't think about what that permission means. Even Mark Zuckerberg admitted before Congress that the majority of Facebook's users don't read the agreement they digitally sign before getting an account. Ultimately, we don't think too much about what we're handing over — nor if we can claim that information back.
In Europe
If you live in the Europe Union (EU), you're in luck. A new data protection law, called the General Data Protection Regulation goes into effect in May. There are tons of elements to this new rule, but one of the nice ones is that a company can't ask for more data that it needs in order to provide that service.
Let's say you run an app that makes people's selfies look better. (We know you have on on your phone.) Having access to someone's photo album would make sense. But let's say you just built the best Solitaire app in the world. You probably don't need access to someone's microphone, nor their contacts. Under the EU's new law, a company can't ask for those details unless they have a good argument why their service needs contacts — and not just wants them.
Companies will also have to be clear on how they use information — in simple language. Remember when Sen. Lindsey Graham (R-South Carolina) held up that telephone book's worth of paper with Facebook's user agreement printed on it? That's not simple.
When Android users found out that Facebook's Messenger app was logging phone calls and messages, they're weren't thrilled. Facebook says people agreed to this transparency when they signed up for Messenger. That confusion, and trying to prevent it, is what EU regulators are likely going to be looking for when the new rule starts.
In U.S.
In the United States, how are data is protected is less clear cut. Let's go back to Facebook as an example. While the social media company will have to operate by the EU's new rules in Europe — Facebook isn't bound by the same requirements in the U.S. But Zuckerberg told Reuters on April 3 that he's certainly thinking about offering the social media site's users the same privacy options no matter where they live.
"We're still nailing down the details on this, but it should directionally be, in spirit, the whole thing," he said.
What data does Facebook and other companies, like Google, have on you? Both of these companies say they make it easy for you to see everything about you, that they have, online. But that's not always correct.
Say your best friend, or any friend, uploaded photos from their birthday party — and you're in one of them. Those photos aren't owned by you — they're owned by your pal. And so you won't see necessarily see them in your download.
Data gold mine
That data is, of course, valuable. Most people who use Facebook know their information is being spun to serve them ads that are sold on the site. But, many think they can just scroll past the ads, nor do they have to buy anything — not even that new couch they'd just checked out on Google, and is now 20 percent off through a promo code in an advertisement on Facebook. Get it?
You certainly can't trespass into someone's home. (You can, but the law is not on your side.) But how we think about our data is more problematic. Often, as Facebook noted about Messenger, you've give permission for a company to collect, store and re-use that information, even if it is buried in language a lawyer has trouble understanding.
Still, we're starting to pay attention how our personal data is collected, and what's done with it when we hand it over to a company. Just 27 percent believe Facebook will protect their privacy, according to a recent study from the Ponemon Institute, writes the Financial Times. That's a remarkable dip from the 79 percent who felt the same in 2017.
This shift may be one reason lawmakers in the U.S. think companies, like Facebook, need an incentive to protect the data they have on their customers. Sen. Edward J. Markey (D-Mass.) and Sen. Richard Blumenthal (D-Conn.) introduced a bill in April called the Customer Online Notification for Stopping Edge-provider Network Transgressions (and yes, it's a forced acronym that spells out CONSENT) that requires companies get permission before using, sharing or selling someone's data.
Until then…
So if you live in the U.S, what can you do to try and protect your data today? You can certainly take some drastic measures: delete your Facebook account, unplug your smart speakers, delete your smartphone apps and tape up your computer's camera. Even more extreme? You can read every word, of every user agreement, on every app, service and device you subscribe use and launch.
Consumers are unlikely to do all of these. But perhaps ask yourself if an app is free — how does it make money? Perhaps don't answer surveys that ask the name of your favorite first grade teacher or our beloved first pet. (Can anyone say, "passwords?") And perhaps it's time to start keeping some information, some data, and some part of your life offline — where we live.