CONSUMERS HAVE LONG wondered just what Google and Facebook know about them, and who else can access their personal data. But internet giants have little incentive to give straight answers — even to simple questions like, “Why am I being shown this ad?”
On May 25, however, the power balance will shift towards consumers, thanks to a European privacy law that restricts how personal data is collected and handled. The rule, called General Data Protection Regulation or GDPR, focuses on ensuring that users know, understand, and consent to the data collected about them. Under GDPR, pages of fine print won’t suffice. Neither will forcing users to click yes in order to sign up.
Instead, companies must be clear and concise about their collection and use of personal data like full name, home address, location data, IP address, or the identifier that tracks web and app use on smartphones. Companies have to spell out why the data is being collected and whether it will be used to create profiles of people’s actions and habits. Moreover, consumers will gain the right to access data companies store about them, the right to correct inaccurate information, and the right to limit the use of decisions made by algorithms, among others.
The law protects individuals in the 28 member countries of the European Union, even if the data is processed elsewhere. That means GDPR will apply to publishers like WIRED; banks; universities; much of the Fortune 500; the alphabet soup of ad-tech companies that track you across the web, devices, and apps; and Silicon Valley tech giants…
Full Source: Wired