International data watchdogs: Websites don't tell you who sees your privates The privacy notices used by websites and apps to tell users what data they collect and how it will be used fail to offer the necessary specifics, an international study has found. The work, carried out by 24 data protection regulators across the world, assessed the notices, communications and sign-up processes used by 455 …
If someone writes an app they have a secondary (or even primary) income from the data they collect. Therefore at time of creating the app they may not know who they are going to sell it to which is why they are particularly vague, likewise depending on the success of the app the storage location of the data could change due to costs.
Realistically people need to be told of what they are giving up before they do and app makers need to be clear that these things could change over time and inform users when they do giving an option to opt out and have their data deleted.
The same applies to websites.
Then again, almost no one reads EULAs or other T&Cs...you would never get anything done if you read them all each time you used something (and you would have to, if you want to be sure that there are no updates).
And if no one reads them, they are not doing the job they are supposed to. Plus, there is also the issue of the unequal relationship between mega-corps and individual end user (Google could afford to buy justice, man on the Clapham omnibus, not so much).
I don't know what the answer is, but currently most of the power is with the corporates and their get out clauses. I accept that creators and providers also need some protection against malicious legal action.
Maybe the Eula's and T&C's need simplifying in relation to this and you get a landing page similar to permissions requests.
What we collect:
Who uses it:
Country Data Stored:
Encryption Used: (No laughing at the back)
With an option to accept or delete all held data.
If that was enforced then there would be no hiding it.
If that was enforced then there would be no hiding it.
While I agree with you (and probably most people would) there's two problems...
The first is lawyers and thieir ilk who like to hide stuff in plain site via legaleeze.
The second is the websites themselves. I try to block 3rd party cookies and the other day, one site that infrequently visit tried to dump 29 cookies from various "partners". Someone would need to spend some time updating this list as on a previous visit it was only about 10 3rd party cookies. That's a lot of collecting and sharing, IMO.
Realistically people need to be told of what they are giving up before they do and app makers need to be clear that these things could change over time and inform users when they do giving an option to opt out and have their data deleted.
As it so happens, those are actual, already live demands of Data Protection laws in Europe. That doesn't mean that many pay attention until they get fined, but, in theory, use must be stated at the time of collection, explicit permission must be obtained prior to that use, and permission must be gained again (explicit) when that use is changed.
I find it all a little strange that all the authorities shout about your data protection and having organisations having clause to provide you with all this and yet in 2017 we still have rogue standard wide organisations from the little man on the corner to big silicon valley style organisations secretly selling off your data.
How exactly is my data protection protected if on the other hand it is sold off to third party?
The answer to this is quite simple. It is my Data I have overall power to hold any organisation to account and should be given all authorities to trod on any big oranisation I feel is reselling my data. When this happens from the biggest to the smallest fish will stop selling my data till then we will see headlines like this...
I still can't believe a big insurance firm I was with 8 years ago is still selling my data and I am still getting calls about an accident 10 years on.. These sort of things should be no you make 10P per sale I make 20% of your overall profit for this year now lets see you repeat this on the next punter
To summarize myself the answer is to make it a an offence to resell data, meaning any and all companies who resell information.
There was a reason data protection was invented and yet you ask any bureaucrat what it means and you will probably get a different answer from each.
If any companies are involved in this sort of game then what their doing should be fully disclosed to end users and with full reasons as to why it is being resold and so forth. This then itself requires a process where end user has to confirm they wish to go ahead with such a wild ride. Can't see a single living sole agreeing to it so it would therefore flop as a business model.
At the moment it is a bit like the wild west on the internet people sign up for a job through job agencies and before you know it 20 companies are emailing you with jobs about it.
Unsure why the headline points to international this is a nationwide and international problem, what needs to happen is to put some practises in place to make it distasteful fine able accountable and shame-able
to name and shame the directors and to make a few headline cases out of them and before you know it is a thing of the past.
I feel quite strongly about this issue since a lot of companies are blatantly out there doing exactly just that and nothing more
1. You can't trust any web service! 2. Govt & Regulators are part of the problem ... Businesses would fold if they behaved like this in the physical market. But digital is for shit. Things started with printed manuals & warranties morphing as everything became digital, Relying on T&C after, was like finger-painting on water... Good luck with tomorrow even if you read T&C today! I'm cutting back! ... Facebook closed, minimal online accounts: banking / email that's it. Whose ready for dystopian future 2.0?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
