Take back (digital) control

GDPR: Keep calm and comply.

The week after next, Terence Kennedy will insist that Facebook deletes his digital indiscretions

SOON the world’s digital overlords will apparently hold 40 zettabytes of information on us.

No I don’t know what that means either, but when a colleague recently asked Facebook for all the information it held on him, he got nearly a gigabyte back. 

That’s the equivalent of 200 copies of the Bible in plain text, if you’re interested. Or not, if you’re an atheist.

Most alarming of all was that it listed every call he had ever made and every message he had ever sent. The good news is that this changes in a fortnight. At least it does for we Europeans, thanks to the acronym of the moment: GDPR. 

From May 25 the General Data Protection Regulation means that organisations may no longer treat us unilaterally as just so much advertising fodder, to be milked of every possible bit of personal information for their nefarious or even non-nefarious purposes. If they do, it’s goodbye €20 million or more in fines. 

The likes of Facebook, Amazon, Google or that popular anatomical research site Pornhub may not harvest our personal data without asking us, may not hit us with 40 screens of terms and conditions we cannot understand as an excuse, may not refuse to tell us what they know about us, and must delete it if we insist. I certainly do.

If they get hacked they have to ‘fess up’ within 72 hours. 

Not only may they merely store our details for a ‘reasonable’ time, but we will have the hitherto denied ‘right to be forgotten’ if we want to opt-out of any part of our brave new digital world.

It’s not just our direct personal data which is affected. Anything which could be identified directly back to us may not be collected without our explicit consent. That includes the ‘IP address’ which pinpoints your specific computer or phone even if you think you operate online anonymously.

The good news for non-Europeans is also that the GDPR will reverberate far beyond the old world’s borders. Any company has to comply when doing business with Europe (here’s lookin’ at you Facebook and Google).

So: The Empire Fights Back? Will it all make a difference where online privacy has devalued more than a Zimbabwean dollar?

A recent survey revealed that 32 per cent of the respondents intend to ask at least one organisation exactly what information it holds on them. 

I will certainly be asking Google to delete details of all those searches I did back then on performance-enhancing substances undetectable by local Scrabble clubs. Purely for scientific purposes, you understand. 



WE’VE all seen those ads which mysteriously track us right across the internet – irritatingly offering to sell us the very item we just bought.

But it’s not just GCHQ, the NSA or even the former KGB who’d like to track us physically too. Soon we might pass the supermarket and our phone might entreat us to buy today’s special on biodegradable crumpets.

The GDPR doesn’t (yet) tackle the thorny issue of surveillance, but it’s coming. Proposed legislation hopes to take the next step: banning surveillance unless you agree. 

Would anyone, other than ‘helicopter’ parents obsessing where their children are 24/7? Or a nurse keeping tabs on someone like my granddad, whose 105th birthday we celebrated this week? (Though sadly he died at 62).