DATA
& CONSENT
Join the conversation on:
DATA & CONSENT
Featuring Usama Khilji (Bolo Bhi)
Usama Khilji, Director of Bolo Bhi, joins us for a conversation on consent in regards to the international importance of digital and privacy rights in face of censorship, cybercrime and surveillance as well as the right to be forgotten.
Key Terms and Definitions
Here we clarified key terms and definitions to understand the topic better.
“Camfecting is a term describing a situation where hackers utilize a device’s camera for unauthorized purposes. It is called camfecting because the hacking behaviour infects the camera. Camfecting is a significant concern in today’s security world.”
“Cyber Sextortion is a form of scareware extortion in which the attacker contacts the victim to claim (almost invariably falsely) to have obtained images of the victim pleasuring themselves while viewing an adult site, and threatening to share the embarrassing images with acquaintances of the victim. The victim is asked to pay a ransom, or else.”
“Digital literacy refers to the skills required to achieve digital competence, the confident and critical use of information and communication technology (ICT) for work, leisure, learning and communication.”
“A hacker is someone who gets into other people’s computer systems without permission in order to find out information or to do something illegal.”
“Online impersonation includes any action which uses Internet access or electronic communication to assume the identity of another person.”
“Phishing is the activity of tricking people by getting them to give their identity, bank account numbers, etc. over the Internet or by e-mail, and then using these to steal money from them.”
“Ransomware is a type of software that is designed to block access to a computer system until a sum of money is paid.”
Did you know… ?
Here are facts and figures on the topic.
Want to help spread the word? Share our animation on DATA
Here are a few quick facts and some easy to understand information on this topic. Feel free to post to your social media accounts to get your friends involved.
Share now:
Data Resources
Check out the following resources to learn more about Data and Consent.
Privacy Advisor Podcast
PODCAST
This podcast is focused on contemporary issues in data privacy and cyber-security.
General Data Protection Regulation (GDPR)
LAW
GDPR.eu is a resource for organizations and individuals researching the General Data Protection Regulation. Here you’ll find a library of straightforward and up-to-date information.
Cybersecurity: Managing Risk in the Information Age
ONLINE COURSE
Data Protection Report
REPORT
The Data Protection Report provides thought leadership on emerging privacy, data protection and cybersecurity issues.
Why do we need data on violence against women?
YOUTUBE CHANNEL
Europe Institute for Gender Equality has launched a series of videos on gender-based violence.
Data feminism
BOOK
Data feminism by Catherine D’Ignazio and Lauren F. Klein in a new way of thinking about data science and data ethics that is informed by the ideas of intersectional feminism.
Myth Busters
Data and consent are topics that are often misunderstood because of the myths surrounding them, here we want to clean up some of the most prominent misconceptions.
How to…
Check out these guidelines that help you to have conversations on consent.
… secure access to personal data.
Advice: One of the easiest ways to secure one’s data that is very seldomly practiced is to choose secure passwords. All passwords should be different from one another and hard to guess. Make sure your passwords are at least eight characters long, with a mix of upper and lower case, and include numbers or other characters, and never use the auto-complete feature for passwords.
... secure one’s bank account details.
Advice: Don’t access personal or financial data with public Wi-Fi. It’s best to do those things on a secure connection.
… avoid access to personal messages.
Advice: End-to-end encryption makes it near-impossible for anyone — even the app maker — to see what’s being said.
Data and Consent Cases
Here we highlight prominent cases.
Cassidy Wolf and Jared James Abrahams
CASE:
In November 2013, American teenager Jared James Abrahams pleaded guilty to hacking over 100-150 women and installing the highly invasive malware Blackshades on their computers in order to obtain nude images and videos of them. One of his victims was Miss Teen USA 2013 Cassidy Wolf. He was sentenced to 18 months in prison.
ANALYSIS:
Hacking people’s devices is a real threat that can be avoided when taking necessary precautions. Yet it is important to have consent-based laws in place when it comes to the digital world in order to prosecute people who are infringing on other people’s privacy and obtain information that is private, intimate and should remain confidential.
Know Your Rights
The protection of data and privacy rights is of utmost importance and it is important to understand the rights you have in this domain.
Interpretations of Consent and Data
According to each country data protection and privacy rights differ.
European Union (EU)
The EU General Data Protection Regulation (GDPR) defines personal data as any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions can also be personal data.
There are strict new rules about what constitutes consent from a data subject to process their information, namely: consent must be “freely given, specific, informed and unambiguous.”, requests for consent must be “clearly distinguishable from the other matters” and presented in “clear and plain language.”; data subjects can withdraw previously given consent whenever they want, and controllers have to honor their decision. Moreover, children under 13 can only give consent with permission from a parent and controllers need to keep documentary evidence of consent.
Law: Recitals 32, 42 and 43 and Article 7 of the GDPR
(europa.eu)
India
Inspired by the GDPR, the Personal Data Protection (PDP) Bill was proposed in 2019 to bring about a comprehensive overhaul to India’s current data protection regime, which is currently governed by the Information Technology Act, 2000 and the rules thereunder.
According to the current rules, collecting entities must obtain consent in order to collect the data. However, the PDP Bill provides for certain bases on which collecting entities can rely to process personal data, such as: consent having been gi ven or employment purposes.
Law: THE PERSONAL DATA PROTECTION BILL, 2019
(Personal Data Protection Bill)
United States
There is no single principal data protection legislation in the United States. Instead, there are several laws at both state and federal levels aiming to protect the personal data of US citizens. These laws vary considerably in their purpose and scope. Most impose data protection obligations on specific industry participants or specific types of data, such as children’s data.
Consent also differs from regulation to regulation. For example, in contrast to the Health Insurance Portability and Accountability Act (HIPAA) or Gramm-Leach-Bliley Act (GLBA), there are no privacy provisions in the Fair Credit Reporting Act (FCRA) requiring entities to provide notice to a consumer or to obtain his opt-in or opt-out consent before collecting or disclosing the consumer’s data to third parties.
However, he Privacy Act is a United States federal law enacted on December 31, 1974, to govern the collection, use, and dissemination of PII about individuals held by federal agencies. The general rule under the Privacy Act is that an agency cannot disclose a record contained in a system of records unless the individual to whom the record pertains gives prior written consent to the disclosure. There are twelve exceptions to this general rule.
Law: Privacy Act
(Overview of The Privacy Act of 1974 (2020 Edition))
We are evolving as we share
Let us know about your comments and feedback on the information provided on our website. Is there anything to be added or adjusted? Simply contact us.
Stay up to date with the latest podcasts, new resources, and progress with our petition.
Subscribe to the newsletter
This campaign was produced with the financial support of the European Union within the framework of the European Union Sivil Düşün Programme. Its contents are the sole responsibility of Nicole Bogott/The Philia Project e.V. and do not necessarily reflect the views of the European Union.