Data protection in the digital age – why should you care?
By Monika Kuschewsky, Partner and Head of Data Protection Practice, Van Bael & Bellis
Mrs. Monika Kuschewsky- Partner and Head of Data Protection Practice, Van Bael & Bellis
Are you a member of a social networking site? Do you have a loyalty card? Are you paying by credit card? Are you shopping online? These are just a few examples in your daily life when you are sharing personal data with others, such as your e-mail address, birth date or credit card data.
But do you really have control over your personal data? Do you know who has access to your personal data? Do you know how others are using your personal data? And what about those photos of yourself that a friend of you has posted on the internet without telling you?
There has been a lot of public outcry about recent press reports over the ability of smartphones to track your location. But in addition to geolocation tracking, many people are not aware that smartphones keep logs of calls, any messages or e-mails sent and that this information is often stored in an insecure manner and for a long time, typically without the users’ knowledge. And people are even less conscious about the fact that they leave a lot of traces behind when they act in the digital world.
As to whether this is an issue depends partly on your attitude. Some people say they do not care and voluntarily disclose a lot of information about themselves on the internet. However, more often than not, this attitude is based on a false feeling of privacy. Indeed, only few people realise that all the information posted about them on the internet, taken together, can be used to build very detailed profiles with very intimate details about their private life and personality.
And there are many who are interested in personal information, including service providers and marketers. Personal data sell. Some even describe personal data as the currency of the internet.
Moreover, once the data get out of control or fall into the wrong hands you may have a problem. A lot of people get concerned when they learn that their personal data have been hacked. Certain photos or other information may harm your private (e.g., relationships) and professional life (e.g., recruitment and career), foreclose you from certain services (such as bank credits or insurances) or even lead to identity theft, sexual harassment or cyber-bullying. In some cases it may affect your safety. For instance, it can be detrimental if the whereabouts of women’s shelters and the presence of particular women therein become known. Burglars may be very interested in your address, photos of your house or apartment and the date you leave on holiday.
Businesses should care about data protection as well. Although the internet and other new technologies offer many opportunities, as in the area of behavioural advertising, businesses must beware of the risks, such as personal data breaches and legal pitfalls.
Staying away from it all, however, is not an option for most people and is becoming more and more difficult in the digital age. Moreover, most people want to avail themselves of new services and products, which offer a lot of advantages.
Of course, in principle you are protected by the law and in particular the data protection laws set certain limits as to what others can do with your personal data. Also, you have certain rights under data protection laws, such as the right to access your personal data, to rectify them and to have them deleted. However, these rules and rights often reach their limit when it comes to the internet, where a lot of things happen which are invisible to the user and where the responsible persons may be based outside of the European Union. These shortcomings are one of the reasons why the European Commission is currently reviewing the existing data protection legal framework with a view to strengthening the rights of individuals. However, given the global nature of the internet it remains difficult to see how individuals’ effective control over their data can ever be guaranteed outside of Europe, at least until the adoption by all countries of some international standards on data protection.
Rather than waiting for the legislator to act, people should therefore protect themselves. You should understand what happens when you surf the internet or use other technologies, and you should be aware of what these technologies can do and of the possible consequences of using them. Remember that you leave traces behind whenever you surf the internet. Think twice before posting something on the internet and consider what information to disclose. Be selective in the websites you visit. Read the small print before signing up. Be wary of registration forms, services or websites that require a lot of personal information. Be wary of strangers in chats. Think twice before clicking on a link or downloading a file or programme. Protect your devices by taking appropriate technical security measures. Do not disclose your passwords. It may also be worthwhile to check regularly what information bustles about you on the internet. Certain service providers offer to check the internet for defamatory entries and to remove them, which may, however, not always be possible. If for instance a photo about you has been posted without your permission you may ask the person who has posted it to remove it. In some cases you may need to turn to the website owner or operator of the service. In the worst case scenario you may need to go to a competent authority or get legal assistance.
Although absolute protection does not exist, there are certain safeguards that everybody can take and being aware of the risks is already a big step in the right direction.
Disclaimer - Any views and opinions presented in this article are solely those of the author and do not necessarily reflect those of Van Bael & Bellis, nor do they constitute a legally binding agreement.
| Short Biography
|Monika Kuschewsky is a partner at Van Bael & Bellis, a leading independent law firm headquartered in Brussels.
Monika heads the firm’s European data protection law practice and is supported by an international team of lawyers from more than 15 different countries. She is a qualified as a company data protection officer (Betrieblicher Datenschutzbeauftragter (GDDcert.)) and has extensive experience managing pan-European data protection law projects and audits for multinationals and small and medium-sized companies established in Asia, Europe and the USA. Monika develops and implements tailor-made compliance programmes and regularly provides data protection law training to clients. She also represents clients before the national data protection authorities in Europe and oversees multi-jurisdictional filings.
Monika advises on all questions of data protection law with a particular focus on international data transfers, outsourcing and HR as well as on data security and other data protection issues, which are relevant to global companies, such as outsourcing and cloud computing. She constantly provides hands-on practical advice regarding the challenges for data protection compliance raised by new technologies and practices, such as social networks, RFID, biometrics and behavioural advertising. Monika regularly publishes articles on data protection law and speaks at conferences.
Monika is a qualified German lawyer. She obtained an LL.M. in Legal Studies from the University of Bristol in the United Kingdom. Monika is a member of the editorial board of PDP’s Privacy & Data Protection Journal as well as of several associations of privacy professionals.
Van Bael & Bellis
165 Avenue Louise
Tel. + 32.2.6477350
Fax + 32.2.6406499