Post a Free Blog

Submit A Press Release

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Filter by Categories
Action
Animation
ATP Tour (ATP)
Auto Racing
Baseball
Basketball
Boxing
Breaking News
Business
Business
Business Newsletter
Call of Duty (CALLOFDUTY)
Canadian Football League (CFL)
Car
Celebrity
Champions Tour (CHAMP)
Comedy
CONCACAF
Counter Strike Global Offensive (CSGO)
Crime
Dark Comedy
Defense of the Ancients (DOTA)
Documentary and Foreign
Drama
eSports
European Tour (EPGA)
Fashion
FIFA
FIFA Women’s World Cup (WWC)
FIFA World Cup (FIFA)
Fighting
Football
Formula 1 (F1)
Fortnite
Golf
Health
Hockey
Horror
IndyCar Series (INDY)
International Friendly (FRIENDLY)
Kids & Family
League of Legends (LOL)
LPGA
Madden
Major League Baseball (MLB)
Mixed Martial Arts (MMA)
MLS
Movie and Music
Movie Trailers
Music
Mystery
NASCAR Cup Series (NAS)
National Basketball Association (NBA)
National Football League (NFL)
National Hockey League (NHL)
National Women's Soccer (NWSL)
NBA Development League (NBAGL)
NBA2K
NCAA Baseball (NCAABBL)
NCAA Basketball (NCAAB)
NCAA Football (NCAAF)
NCAA Hockey (NCAAH)
Olympic Mens (OLYHKYM)
Other
Other Sports
Overwatch
PGA
Politics
Premier League (PREM)
Romance
Sci-Fi
Science
Soccer
Sports
Sports
Technology
Tennis
Thriller
Truck Series (TRUCK)
True Crime
Ultimate Fighting Championship (UFC)
Uncategorized
US
Valorant
Western
Women’s National Basketball Association (WNBA)
Women’s NCAA Basketball (WNCAAB)
World
World Cup Qualifier (WORLDCUP)
WTA Tour (WTA)
Xfinity (XFT)
XFL
0
-- Advertisement --spot_img
HomeBusinessWhy Am I Getting All These Terms of Service Update Emails

Why Am I Getting All These Terms of Service Update Emails

Add to Favorite
Added to Favorite

 

email Cweb (1)

Why Am I Getting All These Terms of Service Update Emails? – CWEB.com

BY  DANNY O’BRIEN

MAY 7, 2018

Anyone looking at their inbox in the last few months might think that the Internet companies have collectively returned from a term-of-service writers’ retreat. Company after company seem to have simultaneously decided that your privacy is tremendously important to them, and collectively beg you take a look at their updated terms of service and privacy policies.

You might assume that this privacy rush is connected to the ongoing Cambridge Analytica scandal, and  Mark Zuckerberg’s recent face-off with Congress. It’s certainly true that Facebook itself has been taking some voluntary steps to revamp its systems in direct response to pressure from politicians  in the U.S.  and  abroad. But most of the companies that are sending you email right now are doing so because of their own, independent privacy spring-cleaning. And that’s almost entirely due to Europe’s General Data Protection Regulation (GDPR), which comes into force on May 25th. Most companies that have users in Europe are scrambling to update their privacy policies and terms of service to avoid breaking this new EU law.

The GDPR  strongly encourages  clarity in “information addressed to the public” about privacy — making now an excellent time for companies to provide clearer and more detailed descriptions of what data they collect, and what use they put it to.

Then again, those updates might be a little overdue. Companies were always supposed to do this under European law — and, for that matter, Californian law too, which since 2003 has  required any service  that collects your private information to spell out in detail out their data use. But the additional penalties of the GDPR (with fines of up to 20 million euro, or 4% of global revenue) and increasing confidence of European data protection regulators have poked many international companies to finally pay closer attention to their legal obligations.

The EU regulators are certainly paying attention to these email updates. A  strongly-worded blog post  this week by EU’s head enforcer, European Data Protection Supervisor (EDPS) Giovanni Buttarelli, warned the public and his fellow regulators to be “vigilant about attempts to game the system”, adding that some of these new terms of service emails could be “travest[ies] of the spirit of the new regulation”.

What To Look For

So what might you look for in these changes? What are the potential good points, and where might Buttarelli’s travesties be hiding?

First, it depends on where you’re living. Companies aren’t under a legal obligation to implement the GDPR’s provisions for all their users. You may even be able to see those new geographical distinctions in their changed terms. People in Europe (not just EU citizens) must be protected under the new law, but it’s an open question whether Americans or those outside both regions will get the same treatment. You should be able to tell the details of those differences from the new policies. (Or not: Facebook, for instance, is only  showing its new, detailed legal justifications  for its data collection to users in Europe, and hiding that page from other users.)

Some of the changes may just involve refinements in terminology. What companies have to do to comply with the GDPR, for instance, greatly depends on whether they’re “data  controllers” or “data  processors” — roughly speaking, whether they have the responsibility to manage your data, or whether they’re just handling it on behalf of another party.

You may well see some frantic games of pass-the-parcel in the next few weeks as different services attempt to minimize or share their compliance burden. You can spot that in how they describe who is the “data controller” in their terms. For instance, Etsy, whose users are both buyers and sellers, has  changed its  language to emphasize that sellers are independent data controllers of your data. Google, meanwhile, has provoked a  furious response  from Europe’s media publishers, after it declared itself the controller for the data from the ads and trackers that publishers put on their own websites, but expected that the publishers were the ones responsible for obtaining consent to share this data.

Some of the other changes have a more immediate, positive result, though. The GDPR is an embodiment of the data protection rights spelled out in the EU’s  Charter of Fundamental Human Rights, which states:

Everyone has the right to the protection of personal data concerning him or her… Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.

When it comes to changes in these terms, most of the work will be spelling out those “specified purposes” in more detail, as well as explaining why the company thinks they can legitimately process it under the GDPR.

But there may also be changes in your ability to look at the data itself, and change it. For instance, Twitter users can now  peer at the full pile of data  that that company has picked up on them from their tweets and cross-referenced advertisers databases. You can also delete data that you don’t want Twitter to keep using.

That right of access also means that you can take your information with you. Under the GDPR, companies have to provide  “data portability”  — which means that they should provide you with your data in a way that lets you easily move it to a competing service — at least if you are in Europe.

Again, some companies have already offered this ability. Google has offered  “Google Takeout”, Facebook its archive download feature, and Twitter its  tweet archive. But their implementations have often been  patchy and incomplete.

Now more companies will provide these data dumps. The pre-existing services have already  markedly improved. For users in the EU, they should also offer a way to truly and permanently delete your account and all its data.

Still, these are the kind of user-empowering features that some companies would rather you didn’t know too much about, so don’t be surprised if the only news you hear about them comes from poring over these changes to long documents.

As Buttarelli says, such “legal cover” might well be against the spirit of the GDPR, but it’s going to take a while for companies, regulators, and privacy groups to establish what the law’s sometimes ambiguous statements really mean. One particularly knotty problem is whether the language that many of these emails use (“by using our service, you agree to these terms”) will be acceptable under the GDPR. The regulation is explicit that in many areas, you need to give informed, unambiguous consent by “a statement or clear affirmative action.” Even more significantly, if the data being collected by a company isn’t necessary for the service it is offering, under the GDPR the company  should  give covered users the option to decline that data collection, but still allow them to use the service.

That’s what the EDPS is complaining about when he says that some of these terms of service updates could be “travesties”. If they are, you might find some more emails updates in your inbox. And so could the companies sending them–from the EU’s data protection regulators.

This article originally appeared on Eff.Org: https://www.eff.org/deeplinks/2018/05/why-am-i-getting-all-these-terms-service-update-emails

Subscribe to get Latest News Updates

Latest News

You may like more
more