Companies often publish several different privacy statements – and every single one of them is confusing for customers. An EU regulation is now aiming to provide clarity.
Whether social media giant or supermarket chain: in a digitized world, customer data is extremely valuable to all kinds of undertakings. It tells companies what their buyers like best and enables them to develop new products based on those preferences, or to sell the data on to other companies.
Many customers have no idea how their personal data is stored and processed by companies. This is partly due to the privacy statements, which companies must use in order to obtain their customers’ consent. More often than not, these statements are long and difficult to understand.
Many companies even publish different versions for different products or groups of customers, as Germany’s digital association Bitkom has found out (see graphic):
More than one in two companies in Germany with over 500 employees use at least three different privacy statements for their business purposes.
The use of multiple statements is likely to confuse many customers even more.
While it is true that data protection provisions should first and foremost be legally sound, from the consumer protection perspective, privacy can only be effective if customers are able to understand in the first place which items of their data are collected when, why and in what manner.
The EU General Data Protection Regulation, which entered into force at the end of May and must be fully applied by May 2018, is designed to ensure greater clarity.
The regulation states - among other things - that companies must inform their customers in a precise, transparent, clear and easily accessible manner what the purpose of storing their data is. Companies may also use pictograms as a means to achieve this.
However, it remains to be seen to what extent the EU’s requirements will take effect in practice. The good news is that Telekom, Germany’s largest provider of telecommunications services, has already issued a supplementary privacy statement, which summarizes all key aspects on one page. This ‘one-pager’ tells users which data is stored in what manner and explains that Telekom creates ‘pseudomised’ user profiles.
Specific details as to how Telekom uses these user profiles are not provided however; presumably the data will continue to be used for market research and advertising purposes. At least it can be said that the simplified privacy statement is a step in the right direction.
With „NextGenerationEU”, the EU provides comprehensive grants and loans for public investments and reforms in its Member States. At least 37% of the overall amount should be spend on forward-looking investments and structural reforms in favour of climate ...
As governments across the world continue to face the challenge of tackling Covid-19, the current crisis also presents an unprecedented opportunity to reboot global economies in a manner that builds more sustainable, inclusive, and resilient societies, in line ...