[ad_1]
Thomas Holt, Professor of Criminal Justice at Michigan State University, wrote this piece for The conversation, an independent collaboration between editors and academics that provides badysis and commentary to the general public. See the whole list of articles written by MSU faculty for conversation.
France hit the headlines on Jan. 21 to fined Google $ 57 million – the first fine to be imposed for violating the recently enacted EU General Data Protection Rules. . The GDPR, as it is called, aims to ensure that consumers' personal information is used and appropriately protected by businesses. It also creates procedures to sanction companies that abuse information.
According to the National Commission for Information Technology and Liberties (CNIL), which has raised the fine, the French data protection company has not provided users with clear and concise information. they needed to understand how she collected or protected her data. with that. In addition, the CNIL stated that Google had not obtained the consent of the user to show him personalized advertising. For its part, Google can appeal.
Similar surveys are underway in Facebook, Instagram and WhatsApp in other regions of the EU.
This case shows the increasingly important role that the EU intends to play in controlling the use of personal information by large companies and online organizations. The United States is lagging behind Europe on this front. As a researcher studying computer hacking and data breaches, I would say that the United States may have ceded regulatory powers to the EU, even though it is home to most of the major providers Internet services. Why has the US not taken an equally strong approach to privacy management and regulation?
Do some Americans care?
There is no single answer to why the United States has not taken similar measures to protect and regulate consumer data.
Americans use online services in the same way as their European counterparts and at generally similar rates. And the growing number of data breaches affecting financial institutions, retailers and government targets has undermined the privacy of US consumers. The federal government's own Personnel Management Office has lost millions of files, including social security numbers, names, addresses and other confidential details, in hacks. My research shows that hackers and data thieves make huge profits from the sale and misuse of personally identifiable information.
It is possible that years of constant violations have created a sense of "violation fatigue". Perhaps the Americans are no longer responding to the loss of information because it seems that we can not do anything to stop the problem.
There may also be generational differences in the perceived value of privacy in online spaces. The millennial generation, which has known only one world characterized by the Internet and social media, seems more willing to disclose personal details via online platforms compared to older groups. However, several studies suggest that the younger generations might be willing to do this simply because they are not as aware of the threats they face when collecting online data and mismanagement as older generations elderly.
At the same time, studies have shown that consumers may be willing to provide personally identifiable information in certain circumstances, particularly if they can benefit from it. They probably do not really understand how and why the collection of information poses a threat to their privacy in general.
Companies do not want these regulations
The resistance of social media sites and Internet service providers to external regulation is also a likely reason why the United States has not acted.
Facebook's practices over the last few years are a perfect example of why and how legal regulation is vital, but companies strongly oppose it. After hearings and investigations into Facebook's role in spreading Russian political misinformation, as well as the Cambridge Analytica scandal, Facebook has put in place a new set of rules of political transparency to help people understand who was paying the price. content and why it was broadcast.
Meanwhile, Facebook's management has taken extraordinary steps to target public critics demanding increased scrutiny, sowing confusion over why Facebook should be regulated. And past attempts to regulate the platform seem to have been ignored by Facebook for years.
If the providers do not protect the confidentiality of the data themselves, I think the government needs to implement stricter regulatory guidelines.
If the United States continues its current momentum, it will be exposed to a significant risk not only for the security of personal information, but also for the legitimacy of the government agencies responsible for investigating wrongdoing. Many technology researchers, including myself, are already seeing this phenomenon in cybercrime investigations by law enforcement. The transnational nature of these offenses, coupled with a lack of reporting to the police, has reduced the ability of local, state and federal agencies to respond.
Businesses are helping to fill the regulatory gap in cyberspace, whether it's fighting hackers or eliminating child badgraphy. If the US continues to allow Internet service providers to regulate themselves with minimal external controls over data privacy, it is unclear how to regain lost ground.
This article is republished from The Conversation under a Creative Commons license. Read the original article.
Source link
