It used to be that the local priest was the best-informed man in town, but his monopoly over confessions has been broken by websites such as Facebook. A single visit suffices to find out anything from name, age, education, employment history and political views to video preferences. But what was posted in minutes can have long-term consequences.
The abundance of data not only makes us more vulnerable to cybercrime, it also leaves the door open for companies to use the date in ways we never dreamed of. For instance, insurance companies might charge some customers more than others as they are perceived to be higher risk based on the data available.
Data protection day on 28 January is a good occasion to draw attention to the risks attached to the use of personal data and what is being done to address these issues. The European Parliament is currently looking at proposals to strengthen individual rights over data protection.
A reform package drawn up by the European Commission incorporates many of Parliament's recommendations to strengthen peoples' rights, harmonise the current patchwork of legislation across member states and beef up enforcement.
The idea is to put consumers back in control. Information on the use of data should be presented in an easy to understand format and consent should be required for every use. Data should be strictly used for the purpose it was collated for. People should also have the right to have data erased or corrected.
The new rules are also meant to put an end to the current fragmentation in the way data protection is implemented in different EU countries. This should remove legal uncertainty and help to restore trust in how data is used.
To boost enforcement, member states would have to establish independent supervisory authorities, to which people could complain in the case of a breach. The new rules would also provide for penalties and the right to compensation.
The proposals are being steered through Parliament by MEPs Jan-Philipp Albrecht and Dimitrios Droutsas, who will write recommendations that all MEPs will vote on in plenary later this year. The two MEPs have broadly welcomed the proposals but want them to be tougher. Mr Albrecht is focusing on the right to be forgotten, the need for consent when using or transferring personal data and sanctions in case of infringements of privacy rights. Mr Droutsas wants to ensure that personal data is not used in ways incompatible with the reason for which it was collected and that the processing of personal data is lawful, fair and transparent to the people involved.
The right to privacy has always been an important issue in Parliament. Concerns about the use of personal data led it to veto a controversial agreement on the transfer of passenger data to the US a few years ago.
Photo copyright SaFoXy