This Lawyer Believes GDPR Is Failing To Protect You – Here’s What She Would Change Sooraj Shah Contributor Enterprise & Cloud
The EU General Data Protection Regulation (GDPR), which only came into force on May 25 2018, is failing to protect consumers and the remit of data protection law needs to be redefined as a result, according to Turing fellow Sandra Wachter.
Wachter, who is a lawyer and research fellow at the Oxford Internet Institute, argues that with modern interconnected digital technologies, data is not so much knowingly created by the user as it is observed or captured by devices and services. This data can then be accessed by cloud services, smartphone apps and Internet of Things (IoT) devices and companies are then increasingly sharing and linking this data.
With this in mind, she believes GDPR is failing to protect people with respect to these inferences, which she believes paint an extremely detailed picture of users’ private lives.
“GDPR focuses too much on the input stage, meaning when data is collected, but not enough on how it is assessed. Once the data is lawfully obtained we have very little control or understanding of what inferences can be drawn,” Wachter says.