Privacy, Surveillance, and The Law of Social Media

Introduction

The personal data whose mishandling leads to infringement is usually the data that contains sensitive information about a natural person. This data includes information about an individual’s race, ethnicity, political inclinations, genetics, health status, biometrics, religion, and sexual orientation.[4] Having established this, it’s, therefore, an individual’s right to be appraised on how their data is used, bar the use of the data, request for its removal, update, or portability.

            Serious infringement of this stipulation leads to a fine of ten million euros or 4% of the organization’s annual turnover of a fiscal year whichever is higher. An individual responsible for the use of personal data has to adhere to a set of strict rules referred to as ‘data protection principles. They therefore must make sure that the information is: used in a fair, lawful, and transparent manner, used for the specified and explicit purposes, used adequately, relevantly, and limited to only what is necessary, kept up to date, and kept for no longer than is necessary, handled securely, including protection against unlawful or unauthorized processing, access, loss, destruction or damage.[5]

In direct marketing, the GDPR rules on direct marketing with a focus on calls texts, and emails, to individuals and how they affect lead generation and the use of marketing lists. It will therefore help the responsible organization to operate within the law and maintain their good reputation with customers and set out what enforcement action can take against those who ignore the rules.[6] in this light, the organizations must therefore not send marketing texts or emails to individuals without a prior specific consent there is however an exemption of the previous customer who is known as the soft opt-in. in this case, organizations are required to stop contacting the customers once they opt out.

With the UK and the international community economy revolving around the availability and the use of data, the question of how this provision is affecting the marketers has risen a discussion in recent days. It brought about the questioning of the purpose of its existence and whether it should be removed and replaced with legislation more focused on whether automated decision-making meets a legitimate interest area. In this paper, I will carry out a critical analysis of what this provision does for the society and its effect on the market thereby determining whether it’s in the best interest of the UK, in general, to remove the provision or if it should be kept in place.

Advantages of having the stipulation

There is the question of what pertains to a legitimate test and who is authorized to classify the cause as legitimate or not. To remove such a provision, the definition of a legitimate test must be clear so that trust can be built. Some individuals would not react well to their personal information being shared. “Strengthening data protection legislation and introducing tougher enforcement measures, the EU hopes to improve trust in the emerging digital economy.”[7] Building trust and a safe business environment were what the GDRP aims for, to break it, you have to create an equally safe environment and trust despite what an organization is offering. The EU endeavors to regain the trust put by the society in the business enterprises responsible for the treatment of their data thereby increasing the digital economy across the EU-internal market.[8] The legislation must hence provide for legality, equality and transparency, data restriction, data minimization, accuracy, storage limit inhibition,  privacy, and maintain accountability.[9] The credibility, therefore, has to remain intact whether the provision remains in place or not.

This provision also plays a major role in maintaining the credibility of the enterprises and brands. People are not trusting in nature and knowing that there is a set of laws that has your best interest goes a long way in maintaining the credibility of businesses. Besides, it’s a fact that once this provision has been waived, the businesses will act majorly in their interests than those of their customers. Working to maintain that companies are in line with the GDPR standards has become a vital benchmark for enterprises providing products and services to companies, as well as for the companies that seek to differentiate themselves to potential consumers.[11] Its therefore in the businesses’ best interest to make sure that they adhere to this provision so that the consumer can be confident when receiving services from a brand. Responding quickly to data breaches and remaining in compliance with the GDPR, as will inspire ongoing trust with your customers.[12] this provision, therefore, works in favor of both parties involved.

Disadvantages of the Stipulation

A free share of data would lead to streamlined services. If data would be shared among the businesses, this would lead to business mapping that in turn leads to streamlined services and products. For instance, if a business manages to identify a gap in the market, based on social media activity, then they would be able to produce a product or a service that is tailored for the specific purpose in that region. this would therefore mean an increase in productivity and a reduction in materials used and hence cost of products would most likely go down. This would favor the consumers and the producers at the same time. “Digging into data and the use of a combination of creativity, psychology, logic, and mathematics would help find the unseen patterns that can help clients reach their goals.”[15] when these techniques are put in place, this would lead to reduced cost of living, increased revenue for the country, and increased profits for the shareholders of the said organization. This all is subject to a review of the provision.

The availability of huge databases would lead to increased security. Most criminal profiling techniques are built on the use of social media arenas to track down and understand the motive and patterns of a suspect. It is this information that assists the investigators to determine the possible whereabouts of the suspect in question and consequent apprehension. Some social media apparatus like Facebook are rich with data that can be used to build a criminal profile. In addition, this step could go a long way in the mitigation of such crimes. Say a person is planning to build a nitrogen bomb. The said person will have to buy nitrogen-based fertilizer in bulk. As soon as this happens, the security agencies can then be notified and they investigate what the purpose of such amount is for and destruction is averted. With free sharing of information, whether the said individual buys be it from one store or many stores then they can be tracked and questioned.  In 2008 72 criminals were apprehended by the US law enforcement who were connected to a renowned gang by obtaining large amounts of data from a social media platform and establishing links between the criminals and their profiles, analyzing that data, and finding links between the gang members and their network.[16]

Personalized ads have led to the exponential growth of small businesses. This point goes in both ways, say I am shopping for coffee then the business enterprise suggests a packet of sugar for me, then they suggest bread, and so on. They would be using the data obtained to make my shopping easier while still marketing their products. This would be very beneficial for both parties involved one in saving the time they use for shopping and the other in boosting their profits. “Last year a 30-second TV commercial in the US cost an average of 104.7 thousand dollars, and that’s not even including the price of the production.” [17] now imagine a person tweeting a picture of their business and based on the article people like they reach the targeted audience. Then that person has cut through the noise in the market ad advertised their product without spending as much as 5 euros on an advert.

Conclusion

To sum up, this argument, having considered the pros and cons of the abolishment of this provision, I would be more inclined to let it stand at least for now. While it is true that the removal of these stipulations would be like the removal of shackles to our organizations, I do not think we are prepared enough to deal with the kind of privacy breaches and leakages that is most likely to come with the removal of the stipulation. In order to do well for the organizations, we must first come up with a panel that will be mandated to make the decision of whether and how much information should a particular organization receive. It would be illogical and naïve to think that this enterprise will be bound by ethics to not share that information or to take good care of it and use it properly.

Bibliography

Edwards J, ‘6 Business Benefits of Data Protection and GDPR Compliance’ (14 January 2021)

Direct marketing code of practice; draft code for consultation p 26

Sharma S, Data Privacy and GDPR Handbook (Wiley & Sons, Incorporated, John 2019) p 61

Coos A, ‘GDPR: The Pros and the Cons’ (Endpoint Protector Blog, 10 December 2020) <www.endpointprotector.com/blog/gdpr-the-pros-and-the-cons/> accessed 7 May 2022

Moore  A.  the GDPR and managing data risk  (john wiley and sons 2018) p 54

General Data Protection recital 39

Alavi T, ‘4 Benefits You Receive by Sharing Your Data to Companies’ (towards data science, 30 November 2020) <https://towardsdatascience.com/4-benefits-you-receive-by-sharing-your-data-to-companies-70ca58e11989> accessed 8 May 2022