By Alexander Nousias

How clicks determine compliance with the General Data Protection Regulation (GDPR)

Those of us dealing with GDPR have been pretty much (and) concerned with updating our privacy policies and terms of use. But let’s admit what we all know. Privacy policies are of no interest to anyone and offer nothing in their existing form. What interests administrators and – very soon – users is the essence. And the essence in the digital environment for the average prudent user is the effort and / or time required to obtain information and subsequently obtain consent, to withdraw consent for the exercise of rights, privacy settings and understanding of the Terms of Use. This article understands the essence of clicks and architecture. Research published in May 2018 by the Norwegian Consumer Council ‘Norwegian Consumer Council ‘has shown the contradictions in the compliance of the Internet’s greats. The GAFA architecture ( Google , Apple , Facebook, Amazon ) literally imposes a great deal of ease in accepting privacy and privacy intrusions as the path to the opposite is designed with incredible complexity ( privacy by design ). Sine qua non is the fact that no prior setting for privacy ( privacy by default ) no. In addition, the above is accompanied by incredibly large and complex legal texts that serve as Terms of Use. This research has shown e.g. that granting general consensus in the relevant GDPR pop up the Google requires 2 ”, one click and instant access to services, while any user desire to opt-out requires 17 clicks and 72 ” if and when the user understand fully the their choices and architecture. At the same time, continuous questions test our determination to make changes to the default settings, while specially designed formulations present half the truth about the actual results of our choices (see, for example, disabling face recognition technology on Facebook). Amazon Kindle ‘s terms of use, on the other hand, require 8 hours, 59 minutes, and 73,198 words to read, so that the user can keep himself or herself informed. These trends continue to be a practice even in today’s GDPR era. The exercise of the rights of the subjects is a great mystery to all, as the fate of such requests lies with the Managers and with the appetite and financial capacity of the users to find their right in the courts or local authorities. No direct and effective exercise of the options offered, ideally with a click or automated infrastructure consensus flows along the lines of the model ‘ MyData ‘ or protocol Solid , which I would call meta -GDPR protocols or protocols GDPR +. As technologies are expanding and expanding, the GDPR and the legal services we offer will be substantially tested. The (digital) social contract is tested in its entirety. It is therefore requested : a) the number of clicks to exercise rights (one click rights), b) the automated consent to MyData technical standards , c) the degree and quality compliance through text understanding technologies ( Natural Language Processing ) in conjunction with the actual and factual information of users through icons on the model of the licenses Creative Commons and d) the communication understandable texts through pop ups at the right time in the right point. Evolution of the profession depends on perception, understanding and absolute identification with technological developments and related to that user concerns. The relative customer base is large and requires services that will lead them to a meaningful digital transformation with integrated legal compliance. It is enough to consult them in a way that is synchronized with today’s needs. And the attorney matter magically will rise o role of legal adviser will gain some of the lost glory and the RESPONSIBLE Data Protection will be consolidated as absolutely necessary and not even as a ‘tick’ the boxes formal compliance .

Alexander Nousias is a Legal / Ethics Officer at the Institute of Informatics & Telecommunications of NCSR-Democritus and is a co-founder of My Data Greece . He is a Legal Adviser, Specialist in Intellectual Property, Privacy & Data Management. He advises organizations and participates as an Ethics Officer in European Horizon 2020 projects.

Article sources : Norwegian Consumer Council, Deceived by Design , [2018], available at My Data Global , My Data Declaration [2018],

Publication source :