MAY 25, 2018 will forever be the day that people got the most spam, ever. It all started a few days earlier but came to a head on the last Friday of May, when we started receiving dozens upon dozens of emails informing us in a variety of shapes and forms about the new data protection laws, known by the English abbreviation GDPR, which came into force on May 25.
They came from online services we may have unwittingly subscribed to years ago, some from trusted sources, and in more than a few cases we got emails from organizations we’d never heard of before. It may have been somewhat disconcerting to find out how many databases actually feature our names and email addresses and to wonder how they got there in the first place. We also probably wondered how many more are out there that deemed it unnecessary or too risky to send us unwanted reminders of how careless we’d been with sharing our information.
Consider all the thought you’d put into deciding whether or not to give your phone number to a guy or a girl you’d met at a bar. You weigh the benefits of a potential date against the risks of having to reject the unwanted or unsavory advances and again the uncertainty and possible embarrassment you’d feel if they never actually used your number at all. Now think of how many dozens of anonymous people have your data without you ever thinking whether or not you should give it to them in the first place.
Some emails came with neatly clickable “Unsubscribe” options, some asked us politely to opt in to stay on their mailing list. Some just sent pages-worth of disclaimers in legalese in the hope that no sane recipient would actually read it to find out how to delete their name from their database.
If you thought that any EU-mandated data protection legislation would be any different, you may have forgotten that it is always their preferred way to “communicate” anything and everything to the end-user. Remember when they told everyone they had to inform you about cookies files being stored?
The problem with this approach is that it puts the burden on the end-user. You could say that the EU believes all its citizens to be capable of making an informed decision and I would be inclined to agree, for the most part. But we are also vulnerable to being manipulated by crafty and shady corporate lawyers, who trick you to clicking OK to almost anything that pops up. How many of you actually read all the pop-ups regarding GDPR? Perhaps you read the first one or two, but you probably gave up after the third one. One shifty website went as far as to write at the end of a page-long snooze-fest of an explanation that if you agree to everything stated above, just click the “X” button in the top right corner. Who, on god’s green earth, has the time for a 10-minute debate with your browser every time they visit a website? But if you unwittingly consent to something, it’s on you, the legislators did their job: after all they made the service provider ask you all kinds of convoluted questions.
The volume and scope of all the unsolicited GDPR consent requests has in fact led to some weird sort of panic. It may have, in fact, contributed to a variety of ludicrous, and sometimes even dramatic incidents that have happened in Poland over the past few weeks, such as:
• A cemetery was closed for several days because there were headstones of people who are still alive (yes, it’s creepy, but let’s not judge how people choose to prepare for the afterlife).
• A university blurred the names of their employees on the “Office hours” list, so that now you can only find out that John XXX works in room 501 between 2 and 4 pm, while Linda XXX is on maternity leave (beware the sensitive information).
• A clinic obscured the specialties of the doctors on their office doors, so that e.g. patients seeing a proctologist wouldn’t feel embarrassed.
• After a recent major accident in southern Poland where a student-filled coach collided with a truck resulting in many injured kids, parents had trouble locating their children because hospitals would not release patients’ data over the phone.
Hopefully, now that we’ve either ignored the GDPR emails and pop-ups or unsubscribed wherever we could, the world should go back to normal. Our data should be safer. For better or worse, we now live in a world under the protection of the almighty GDPR.
– Beata Socha