With Data Privacy Day becoming more important each year, Steven Furnell, senior member of the IEEE and professor of cyber security at the University of Nottingham has reflected on the ongoing security challenge around potential new data policies:
“Today’s application users have a heightened sense of awareness that data protection is something they should care about. The GDPR-inspired consent questionnaires that we are regularly faced with on entry to websites illustrate just how much the providers would like to collect given the chance. Those users that don’t simply select the ‘accept and continue’ option, will have been confronted with a range of approaches to seeking their consent. Some sites keep it simple, while others present a myriad of options that users must individually disable in order to minimise data sharing.
“Part of the problem that we face with data protection and privacy is that the related information is traditionally expressed in a language that users cannot readily understand. Not only is it excessively long, but it is phrased in legal, jargon-filled language that most people will not easily interpret in relation to their own use of the service.
“Certain applications have recently made a laudable attempt to communicate things more clearly, with the introduction of ‘privacy labels’ that developers are now required to display alongside the apps they make available. While things are improving in some respects, we still have some way to go in terms of getting people to understand data value and be in a position to more clearly relate it to the sites and services they may be using.”