Why You’re Suddenly Getting Privacy Policy Emails

Photo credit: Lindsey Murray

From Good Housekeeping

If you’ve checked your inbox over the last couple of days, you may have noticed that you’re getting bombarded with emails from companies letting you know that they’ve changed their privacy policy. The messages look a little something like this:

Photo credit: Lindsey Murray

So, we're here to answer some of your questions about all of this, like:

Why am I getting so many privacy policy updates?

Sure, you’ve gotten these types of emails before, but the fact that basically every company has chosen to make an update this week seems like more than just a coincidence. And it is: Europe has a new General Data Protection Regulation (GDPR) that went into effect today that requires companies to meet certain guidelines when it comes to your privacy. The law itself really only applies to European citizens, but since many services, websites, and apps that you use also collect data from all over the world, companies are changing their privacy policies to follow the GDPR’s rules for everyone.

What exactly is the European General Data Protection Regulation?

The law itself is pretty complicated (it runs 261 pages long!), but its goal is to force companies to better protect their users’ data and to make it easier to understand the information they are collecting from you in the first place. It also requires companies to get consent from people before storing or analyzing personal information.

Companies are quickly updating their policies to comply with the new rules. Why? Because if they don’t, they can be fined up to 4% of their global revenue or 20 million euros, whichever is higher. To put that in perspective, Facebook’s global revenue for 2017 was 40.7 billion dollars, meaning if they don’t comply with the new laws, they could be faced with a whopping $1.6 billion fine.

Why does the GDPR matter?

Many companies collect things like your name, age, where you live, and marital status so that they can offer you more targeted advertisements. It’s also the reason that many sites can offer their services for free. But, as you may know from Facebook’s Cambridge Analytica scandal, things can go overboard. The breach allowed third-party apps to inappropriately access personal information of around 146 million users, some of whom did not give consent.

How does GDPR protect me?

Under the new regulations, you are able to opt out of sharing sensitive data with companies, including your phone number, employer information, birth date, medical history, political affiliation, and more. The process of managing your data will be different for each company, but bigger corporations like Facebook are adding tools to their sites that make it much easier for users to understand and delete data that a company may have collected from them.

“Our recently expanded tools for accessing your information will allow people to see their data, delete it, and easily download and export it. These tools are available globally, although we designed them to comply with GDPR too. We’ve also updated our Activity Log on mobile to make it easier for people to see the information they’ve shared with Facebook from their mobile device,” Facebook explained in an email statement to BuzzFeed.

Companies also won’t be allowed to collect your data without your consent and are required to alert you within 72 hours of a security breach.

That just scratches the surface. The UK’s Information Commissioner’s Office has an official guide to the GDPR and all that it covers.

Bottom line: It’s worth it to read those emails.

We know privacy policies are still a little confusing, but the point of these emails is to help you better understand how companies are using your information. On top of that, some companies are asking you to actively give your consent to their new policy and may remove you from their mailing list if you don’t.
