Can you control how your data is collected online? Alex McCready is Head of Reputation and Privacy at Vardags We all know that data is big business. Companies are vying to gather as much information about you or I as possible based on our online habits. However, in a post-GDPR world, how internet companies gather this data is still a contentious topic. One of the most hotly contended areas concerns how big internet companies are using cookies to track our behaviour online. However, Google and other UK data controllers, will have breathed a sigh of relief this month. The English High Court has decided that if data controllers such as Google misuse our data we can only seek compensation from them if we have suffered ‘damage’. The case concerned an application for compensation arising from the so-called ‘Safari Workaround’, by which Google allegedly used its ‘Double Click’ technology on the iPhone Safari browser to obtain information about users’ internet usage through its cookies without their consent or knowledge. The claimants argued this breached data protection legislation and sought compensation. In theory, under English law individuals can obtain compensation if they suffer ‘damage’ arising from a breach of data protection legislation. That damage can be pecuniary (ie. financial loss) or the suffering of emotional distress. However, in this case the claimants didn’t even try to argue damage of any sort – they argued the sheer fact of the breach was sufficient. The English High Court disagreed. So what lesson should would-be claimants learn from this? Simply that when pleading your case, you must set out how damage has flowed from the breach. So what does the future hold? In a future where data is king, there will inevitably be many more David vs Goliath battles between individuals and online platforms about the (mis)use of our data. Indeed, Fortune recently reported that Twitter is being investigated by Irish privacy authorities over its refusal to give a user information about how it tracks him when he clicks on links in tweets. For many, the fact that companies monitor our online behaviour via cookies has become a fact of life. Indeed, some of us may even like the expediency of targeted advertising. But those who would like to retain a bit more control over how their data is collected should read-on… 1. Clear the decks: Delete the cookies you already have in your browser settings. For example, on Google Chrome this can be done by: a. Clicking on the three-dot menu icon in the upper right-hand corner. Select ‘Settings’. b. Scroll down and select ‘Advanced’ which will produce and additional drop-down menu. c. At the bottom of the Privacy and security menu select ‘Clear browsing data’. You can then choose to delete just the cookies or all browsing history and select how far back in time you go. Click the ‘Clear Data’ button once you’re happy. 2. Manage your cookies: You can manage how cookies are saved going forward. Go to the ‘Privacy and Security’ menu (by following steps (a) and (b) above) and click on ‘Content Settings’ which should be listed second from the bottom. Then click on ‘Cookies’. In that panel will be a drop-down list of options for the storage of cookies. You can also decide whether you want to block third-party cookies or not. 3. Browse in private: Not everyone knows that it’s possible to browse privately on search engines. For example, on Google Chrome to can hit Ctrl+Shift+N and go ‘Incognito’. That will prevent the Google Chrome browser from saving information on pages you’ve visited, what you’ve searched for, cookies and information entered on forms. Warning: Your activity might still be visible to the websites you visit though. 4. Privacy on social media: make sure you’ve checked your Privacy settings on sites like Facebook and Instagram are at the highest level of security. For example, on Facebook you can also turn-off targeted ads by going to the ‘Settings’ panel and clicking on the ‘Ad Settings’ section and turning off ‘online interest-based ads’.
... those who would like to retain a bit more control over how their data is collected should read-on