/ Technology

How should our online privacy be protected?

Tasty chocolate chip cookies

The European Commission has set out to completely overhaul old privacy laws to make sure we’re protected online. Not only should less data be taken from us, but we should have the ‘right to be forgotten’ online.

If I started talking about cookies, would you be dreaming of tasty snacks or postulating about website data?

Well if you’re thinking of the former, you’ll be disappointed to hear that there’ll soon be laws to stop cookies from being sent to your computer. If you’re thinking of the latter, then you should be ecstatic.

‘Free cookies for everyone!’ That’s what some websites like to profess. But when they’re using these for targeted ads without your consent, it’s time to worry about your online privacy.

Thankfully from May next year UK law will be amended to be in line with EU regulations that demand your prior consent before sites track your surfing habits.

EU steps up personal data protection

But after consulting with organisations like ourselves, the European Commission wants to take data protection even further. In a 20-page document published this week, it has set out to completely overhaul a directive that dates back to the good ‘ole 90s. The hope is that our online protection will go much further than just cookie consent.

In one instance the EU Commission wants to strengthen penalties for companies that violate privacy laws – such as Google accidentally trawling emails and passwords. Somewhat controversially, the company has so far gone unpunished.

Secondly, not only must websites be much more transparent about how they use our data, how long it’s held and who sees it, there should be a minimisation of the personal data they collect from us.

Plus, the Commission thinks we should all have the ‘right to be forgotten’ online. At the moment, that’s often very difficult to achieve. How, for example, can you permanently delete your profile information on Facebook?

It’s already a hidden process that leaves many users simply deactivating their account. But even if you do manage to delete your data, like photos, it could still be languishing somewhere in a database on the other side of the world – without your knowledge.

What does Which? think

Our in-house lawyer Georgian Nelson has this to say about the proposals: ‘The internet has exploded since the 90s and the volume of personal data now online is huge. So it’s certainly about time that the legislators looked in detail at what’s going on behind that web page.

‘We really welcome the Commission putting consumers’ privacy rights at the forefront of the agenda, and we’ll be working with other organisations to ensure that privacy is still a priority throughout, and beyond, the consultation process.’

The European Commission will now be asking for public consultation (you can tell them your thoughts here) before putting the revised privacy directive into effect sometime next year. Do you think the proposals to protect our online privacy go far enough?

pickle says:
8 November 2010

I think for once the EU has got the right idea. Let’s see what are the details of of these proposals before commenting.

Sophie Gilbert says:
9 November 2010

There are several instances when the EU has the right idea. To name one, it has enacted two directives that define a set of principles offering everyone in the EU a common minimum level of legal protection against discrimination on grounds of race and ethnic origin and on grounds of religion or belief, disability, age or sexual orientation.

I don’t know if the proposals to protect our onlines privacy go far enough, but it’s a start. I guess the proof will be in the pudding: let’s see if a Google-type incident happens again and if this time the company also gets away with barely getting its fingers rapped.

Peter Lorton says:
9 November 2010

I totally agree that there should be a clamp on cookies, so that they are only placed with permission. I have a Cookie folder on my desktop which I empty regularly. Desrable websites still get through.

I also would not object to an email watchdog in the fight against terrorism, providing is is not obrusive. It could operate on a key word recognition system. There again, I have nothing to hide.

Richard Rozmanowski says:
9 November 2010

ALL business should be licensed and regulated in all EU member countries.

Why do we have to have decades of ever increasing TV shows bragging how many crooks con an the elderly polulation and the exchequer.

Ebay took over 9 months to remit over £400 to my son after it had sold his PLaystation and one is in a catch 22 when one tries to complain. Its Financial subsidiary is non FSA complaint and removed from the FSA list over 3 years ago! Ebay has offices in Richmond, Surrey yet I had to write to Luxemburg.
When a transaction goes wrong most internet outfits blind you with reams of scenarios and with some of them one ends up in a catch 22.

My most hated thing is the HITLER like mail response which is one way only – They tell you and you cannot reply!

Doug says:
9 November 2010

The EU often gets things right and often gets them wrong. It depends on the Commission, who make the proposal, the member states, the EU Parliament and the voting system (ie whether unanimity is required or a majority vote will suffice). The important thing is to make sure our own representatives in Government and in the EU Parliament know our views.

This time it looks sensible but we may rest assured that vested interests (eg Google, Facebook etc) will lobby against it. It is also possible/likely that, if it becomes law, they will either withdraw some services (to compensate for the loss of income from selling/using our data) or find a way round it (eg by getting users to agree to consent in order to use the service}. Nevertheless its looks a good proposal and we should support it.

Peter Trueman says:
10 November 2010

Good idea – I hope they push the privacy laws as far as possible.

John says:
2 December 2010

I’m well aware of Google mail scanning both the subject and content of e-mails and then using the information (typically from a keyword scan) to display targeted adds in their mail window, and accept the same in accepting the terms of a g-mail account if I bother to read the small print.

As my ISP, Virgin Media has now moved their webmail service to be a front for g-mail, I was not surprised to see much the same, however I have noticed that their targeted adds do not relate to the mail content, but rather to my recent web browsing.

Typical example would be that I browse several suppliers for a particular product, say a model of wireless router, then next day the scrolling banner add at the top of the webmail page will feature this device and similar from rival or even the same suppliers

If the proposal makes this more open and we have to agree to it to use the service, then so be it. It might be nice to know what services I pay my ISP for and which ones are optional?

What are you going to do which?

While browsing this thread, I see you are hosting tracking scripts for AddThis, Facebook Social Plugins, Omniture and Google Analytics?

Jim Fletcher says:
27 October 2011

It is not just on line protection which is needed, it is protection from Governmenbt Departments selling our personal data to many suspect businesses. In particular when the Driver Vehicle Licensing Authority (DVLA) sell our details to unscrupulous private parking companies, businesses with Automatic Vehilce Registration Recognition equipment and the like for them to harass us for payment of non-existant fines etc. We have no choice on what the DVLA hold of our personal details and no control over who they sell it to. This cannot be right.