"Freedom is what you do with what's been done to you." – Jean Paul Sartre.
Existentialism wouldn’t be my strongest suit. Other than a basic understanding that it’s a philosophy which holds the freedom of the individual in very high regard, I would turn down any invitation to be the “20th Century philosophy guy” on a pub quiz team. What little I do know about one of its leading exponents, Jean Paul Sartre, is that he would likely be a big fan of GDPR, the EU’s far-reaching new set of regulations protecting individuals’ data privacy online, coming into effect in May.
In no other context have individuals’ rights to privacy been so blatantly ignored by commercial and political interests than in the digital world. Freedom online is most definitely what the late Frenchman would have described as “what you do with what’s been done to you”.
After almost three decades of public internet access, ‘WWW’ has shifted from being an acronym for the World Wide Web – a wondrous, new source of information for all with endless possibilities – to the World Wild West where one’s digital life is held in the lowest possible regard. To say that our private data has been unfairly accessed by governments and enterprise, however, opens up another can of philosophical worms: what’s considered “fair” and “unfair”.
Fairness is relative and, given there are precious little rules defining what’s right or wrong in terms of online behaviour, privacy has been one of the first casualties of the digital age.
In breach
That's why it's worth recognising the importance of the GDPR, coming into force in the European Union in May. According to EUGDPR.org, "organizations in breach of its regulations "can be fined up to 4 per cent of annual global turnover or €20 million (whichever is greater)".
Consent to use an individual’s data by private companies “must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language.” In addition, it must be as easy “to withdraw consent as it is to give it”. That’s an example of plain English if ever I saw one.
Article 17 of the new rules relates to an area where individual privacy has been undermined perhaps the most: the right to be forgotten. “Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.”
The list goes on and it is worth paying a visit to EUGDPR.org to see for oneself. These new regulations may be long overdue but the fact that the EU has been able to agree upon such far-reaching protections is still to be commended.
Here in the US, where capitalism has established roots so deep in the most fertile digital soil, paranoia about data privacy is widespread. Between the lack of regulation regarding commercial use of data, to the hacking of the most recent national democratic process by a foreign government to influence the result, many are doing everything but sporting tinfoil hats round these parts. Digital suicide (through the deletion of social media accounts, unsubscribing from mailing lists, etc) is rampant. Not that any such actions will permanently delete one’s history entirely, but it at least offers a fresh start.
Poor reputation
According to Dr TJ McIntyre in a column in The Irish Times last week, the Republic's citizens have as much reason to be paranoid as "we ourselves" in the US, so poor is the Republic's reputation for data protection (a reputation which will not be improved by the government's new Data Protection Bill 2018, which limits the severity of GDPR penalties for those caught in its digital net. We wouldn't want to upset the MNCs greasing the wheels of the nation's entire economic model now would we?).
“But hey! Don’t listen to me! This wasn’t meant to be no sad song. We’ve heard too much of that before.” This is a time for nerdy rejoicing. As is so often the case with new innovations, the law must catch up with technology, which is far more agile than the bureaucratic processes which slow down democratic systems. So let’s be happy that European governments are finally ready to make GDPR a reality, notwithstanding those member states trying to spoil the party.
Even if our worst fears turned out to be true – that is, both political leadership and major tech MNCs were in cahoots, monitoring our behaviour like a 21st Century Gestapo – it’s best to laugh it off for now and look forward to the implementation of GDPR. Given how boring and mundane most data must be, you’d almost shed a tear for the poor officers hired to do the donkey work. Spying on the digital lives of others must take up most of their day. There you go Mr Sartre, I’ve a new existential crisis for you: the tragedy of having no digital life of one’s own.