Question(s):
In your responses to your peers, provide feedback on their explanations. Your feedback should be constructive and should address the following:
- How do your peers’ posts help clarify the concepts for you?
- What other information should your peers have included in their responses?
______________
PEER POST # 1
In my opinion limiting how information is used and who has access to it should be the very first though of any company when acquire personal information about a customer. Too many times we have heard the stories of people having received a letter, or have received a letter yourself, from a company stating there was a data breach. Then you find out years down the line that the reason behind the breach was because of how the credentials to access the network where you data was housed was mishandled on gave the attacker access to that information. Making a company liable for the information, state why they are asking for the information, and layout exactly what that information will be used for is a very fair ask on the part of the customer. However, in some cases this is already happening in the terms of service agreement of a product of service. In which case most people will agree to it because they want to use that product or service. At the end of the day I fully support their being more legislation similar to the GDPR to hold companies accountable for the information they have asked to hold on to.
PEER POST # 2
Overall I think that GDPR is a really good thing. Many of our data protection laws are so far behind the advances in technology, that having new and updated laws is really important. Many companies operate on implied consent that consumers give to the use of their data or terms of service agreements that, lets be honest, no one reads. Explicitly informing consumers how their data is being used not only forces corporations to act ethically and be more responsible with consumer data, but it allows users to build trust with the companies that are obtaining their data. I think that implementing a regulation like GDPR in the United States would be a difficult thing to do because there are many companies within the US that make a profit selling data to other companies. Take for example Facebook, who in recent years has been in hot water for their handling of data. They share their consumer data with advertisers so that they can tailor ads specifically to your preferences. For some, that is no big deal, getting ads that are tailored to your preferences is sometimes a good thing. However, some may see this as a breach of privacy and not want this to happen. Implementing something like GDPR would allow users to see that their data was being used in such a way so that they could make an informed decision on if they would like to continue using that service or not.
