June 1st, 2018
From the interview:
“Most people their natural reaction is ‘delete’, and not to read those,” said Adam Stone, Chief Privacy Officer at Secure Digital Solutions in St. Louis Park, a company specializing in information security.
Stone advises otherwise as a consultant who often writes those privacy policies for companies.
“There is a lot of interesting stuff in those policies, stuff people should know, because it outlines the way companies, use, store, share and safeguard the data they’ve got about,” said Stone.
The GDPR law is considered the world’s strongest protector of digital privacy. It applies to United States companies with business overseas, but has broader impact, leaving any US business with a web presence with homework to do.
Under GDPR, companies are required to ask to collect your data, to ask for consent to communicate with customers. It gives consumers more control to update, change, or correct data, and the right to figure out who is processing their data, potentially even a third party that might receive information.
The law says customers have the right to share only data that is necessary, ask a company to erase or pull data and take it to a new service.
With more notice and disclosure, GDPR requires companies to tell users about data breaches that could affect them, and requires terms of service agreements to be more understandable, and consumer friendly.
To Stone, consumers should be encouraged the shift in the EU could signal a new norm here in the United States.
“As a consumer, it gives me a sense of trust in the companies I choose to do business with and frankly in the internet age, trust is a key currency.”