We Should Take Better Care of Our Personal Data

Hands holding mobile phones.

Do the constant messages of accepting privacy policy and cookies on websites make you feel uncomfortable? Well, you’re not alone. Although we are constantly asked to accept cookies and data protection settings, few of us have actually used the opportunity to withhold consent to our data being collected.

Researchers Lisbet Berg and Arne Dulsrud at Consumption Research Norway (SIFO) have worked on a new survey where consumers were asked how they have dealt with data protection and data collection following the entry into force of the new General Data Protection Regulation (GDPR) in July 2018 (see fact box).

What is the GDPR?

The General Data Protection Regulation (GDPR) regulates data protection and privacy for all citizens in the European Union and in the European Economic Area (EEA), including Norway, and is the tool devised by the European Commission to protect consumers from commercial players who wish to monitor our purchase history, consumption patterns etc.

Few People Withhold Consent

According to Dulsrud and Berg’s survey, only 13 per cent of Facebook users say that they have changed their settings to activate the option of Facebook not storing certain data about them.

“We can assume that at least two-thirds of the people on Facebook give their consent without knowing what they are consenting to,” states Berg.

The figure is even lower for Google, a mere five per cent say that they have changed the settings that enable Google to use their data.

The survey shows that 82 per cent have heard of the GDPR, and an even higher percentage have been asked to consent to a website using their personal data.

Most people (80 per cent) believe that it is difficult to find out what is being stored about them, and that the data protection settings are confusing and complicated (69 per cent).

A Dilemma for Users

“We have become dependent on our smart phones, Google, Facebook, travel planner apps and many other useful apps. Without knowing it, many people consent to the provider collecting information about our searches and purchases, what we like, our location, who we are and our contacts,” Berg explaines.

She believes that consumers now face a dilemma.

“We are obliged to consent to the collection of personal data for the app to work as intended. In some cases, the terms and conditions are so well hidden that we have to read several pages to find out what we are actually consenting to. We are on so many different platforms that this has become an impossible task for most of us,” continues Berg.

“We should really be much more restrictive and take much better care of our personal data, to prevent their misuse. This challenge would not be as great if Facebook and Google were the only companies collecting our personal data, but every website we visit needs our consent, and the way in which many websites design their data protection declaration, this would simply be too time consuming for us.”

Legislation That Doesn’t Work

Our commercial impulses are driven more and more by algorithms. The GDPR is supposed to protect us from the commercial players who are interested in our data. This reality that the GDPR addresses is only a few years old, and the authorities are concerned. In the worst case, personal data could be used to influence democratic elections, and the consequences of this are unknown.

Researcher Arne Dulsrud believes that the figures from their survey show that the legislation is not working as intended.

“The entire body of legislation is based on users giving or withholding their consent. If the users do not understand how they can withhold or give their consent, the legislation cannot be said to be relevant,” he states.

“This is critical to legislation which is so dependent on the consumers’ reservation.”

Stricter Rules Needed

Lisbet Berg does not blame the consumers but says that stricter rules are needed for how websites present data protection information.

“Protecting your own data has to be made easier. It should be made clear what personal data you are sharing. However, this is not the case today,” she says.

When you start using an app or visit a new platform, the first page should clearly state what data the app needs from you, and what data you can choose not to share with the website without losing access to the service. It should also clearly state what data the website shares with third parties.

“The actual cost of using the app must be made clearer to the users. Whether you pay in euros and cents or by giving away your personal data,” Berg concludes.

Reference

Lisbet Berg and Arne Dulsrud: Tillit og sårbarhet på nett. Forbrukernes praksiser og vurderinger etter innføringen av den nye personvernforordningen (GDPR). SIFO assignment report no. 9-2018 (fagarkivet.oslomet.no - Norwegian).

The report was written on assignment for the Ministry of Children and Equality.

Contact

Loading ...

Featured Research

Detail of a laptop.
Information Systems and Technology

Making Universal Design a Reality

When we design technology to be usable for for everyone, we enable them to participate in society, regardless of disability or impairment. The United Nations refers to this as universal design.

Computer screen seen through the glasses of a man looking at the screen. Most of it is out of focus except the small part seen through the glasses.
Working Life, Society and Welfare

Lack of Knowledge Affects People with Visual Impairments

"Employers do not know enough about visual impairment and therefore choose not to hire applicants," says research fellow Gagan Chhabra at OsloMet.

Minister of Digitalisation Nikolai Astrup and researcher Gustavo Mello looking at a computer screen at the new AI lab.
Information Systems and Technology

A New Artificial Intelligence Research Centre

OsloMet has unveiled a new artificial intelligence research centre. The centre, it is hoped, will help strengthen Norway's position as a leading actor in the AI field.

Published: 9/3/19
Last updated: 11/17/19
Text: Kjersti Lassen
Photo: Robin Worrall / Unsplash