Digitalization, Data Privacy and Our Human Rights: The Good, The Bad and The Cookies

Digitalization has made the world a global village and simplified life.

It has made available software and applications, that allow people to access, use, create and publish digital media. It enables the easy and free flow of information, as well as provides access to computers, other electronic devices, and communications networks.

This article delves into the transformative influence of digitalization on fundamental human rights, specifically focusing on the right to privacy, data protection, freedom of expression, and access to information. It is a thorough analysis of how digitalization has reshaped the exercise, protection, and potential violation of these essential human rights in the digital era.

Digital rights recognize the right of individuals to access, use, create and publish digital media, and the right of access to the computers, electronic devices, and telecommunications networks necessary to exercise them.

It is closely linked to universal and equal access to the internet, freedom of expression, information and communication, privacy and data protection, the right to anonymity, the right to be forgotten, protection of minors, and intellectual property. There is no goal under the Sustainable Development Goals that promotes digital rights, but its importance cannot be overestimated as it contributes to the fulfilment of every SDG.

Despite the numerous advantages of digitalization, it has ushered in a concerning era for data privacy.

Digital technologies have enabled the collection and storage of vast amounts of personal data. Companies, governments, and online services collect data on individuals' preferences, behaviors, and interactions. This extensive data collection raises concerns about the potential misuse or unauthorized access to personal information.

It has also increased the risk of data breaches and cyberattacks. Hackers and malicious actors have more opportunities to gain unauthorized access to databases and systems, potentially compromising sensitive personal information.

Data breaches can lead to identity theft, financial fraud, and other privacy violations. Many digital services and platforms require users to provide personal information in exchange for convenience, customization, or access to certain features. Individuals often must weigh the benefits of using these services against the potential privacy risks associated with sharing their personal data. Sometimes, websites and applications do not even give individuals a choice.

The collection of data also allows for profiling and targeted advertising. While this can enhance user experiences, it also raises concerns about privacy, as online activities of individuals are constantly monitored, and their personal information are exploited for commercial purposes.

Digital technologies have also made it easier for governments to monitor and access individuals' data. Mass surveillance programs, data retention laws, and government requests for user data from tech companies have sparked debates about privacy, civil liberties, and the balance between security and individual rights. Individuals do not have control over how their data is stored, shared, and used, and unfortunately, many people are not patient enough to read privacy policies.

Attributes of technology such as WEB 2.0 and 5G, and content creation on social media have made the internet more interactive and the sharing of information very fast. This has created a blur in the lines of what can be shared, and challenges to the protection of data and data privacy.

WEB 2 creates a more interactive web as it uses cookies, which has become very controversial.

If you've clicked a new website on your phone or computer over the past 18 months or so, you’ve probably seen it - a notification informing you that the page is using cookies to track you and asking you to agree to let it happen.

The site invites you to read its “cookie policy,” (which, let’s be honest, you’re not going to do), and it may tell you the tracking is to “enhance” your experience — even though it feels like it’s doing the opposite.

To back up a little bit, cookies are pieces of information saved about you when you’re online, which track you as you browse. Cookies are small files that websites send to your device that the sites then use to monitor you and remember certain information about you — like what’s in your shopping cart on an e-commerce site, or your login information.

So, say you go to a weather website and put in your zip code to look up what’s happening in your area; the next time you visit the same site, it will remember your zip code because of cookies.

There are first-party cookies that are placed by the site you visit, and then there are third-party cookies, such as those placed by advertisers to see what you’re interested in and in turn serve you ads to fit your preferences — even when you leave the original site you visited. This is how ads follow you around the internet thereby creating your unique digital footprint.

These pop-up cookie notices all over the internet are well-meaning and supposed to promote transparency about your online privacy. But in the end, they’re not doing much. Most of us just tediously click “yes” and move on. If you reject the cookie tracking, sometimes, the website won’t work which is a violation of the European Union's (EU), General Data Protection Regulation (2016) and other data protection legislations. But most of the time, you can just keep browsing. They’re not too different from the annoying pop-up ads we all ignore when we’re online.

The digitalization of data has prompted the development of new legal frameworks and regulations to protect individuals' privacy. Examples include the European Union's General Data Protection Regulation (2016) (GDPR), the Nigerian Data Protection Act (2023) and the California Consumer Privacy Act (2018) (CCPA). These regulations aim to give individuals more control over their data and impose obligations on organizations to ensure privacy protections.

The GDPR does not expressly provide for third party cookies. However, It states that consent must be given for the use of personal data and such consent must be express and unambiguous. According to Article 4 of the GDPR, personal data refers to any information relating to an identified or identifiable natural person. This includes information such as names, identification numbers, location data, online identifiers, or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual. The GDPR provides a broad definition of personal data to ensure that individuals' privacy rights are protected and that organizations handling such data are subject to appropriate data protection obligations.

Articles 6 and 7 outline the requirements and conditions for obtaining valid consent from individuals for the processing of their personal data. Article 6 of the GDPR lays out the legal basis for processing personal data. It lists several lawful grounds for processing, one of which is obtaining the data subject's consent. According to Article 6(1)(a), processing is lawful if the data subject has given clear and affirmative consent to the processing of their personal data for one or more specific purposes. Article 7 of the GDPR focuses specifically on the conditions for consent. It details the requirements for obtaining valid consent, which include:

These provisions aim to ensure that individuals have control over their personal data and are fully aware of how it will be used by organizations.

The rise of alerts about cookies is the result of a confluence of events, mainly out of the EU. But looking at the bigger picture, these alerts underscore an ongoing debate over digital privacy, including whether asking users to opt in or opt out of data collection is better, and the question of who should own data and be responsible for protecting it.

We see this in the ongoing case against Facebook by the Federal Trade Commission (FTC). More than 185 million people in the United States and Canada use Facebook daily. Facebook monetizes user information through targeted advertising, which generated most of the company’s $55.8 billion in revenues in 2018. To encourage users to share information on its platform, Facebook promises users they can control the privacy of their information through Facebook’s privacy settings.
 
 However, following a yearlong investigation by the FTC, the Department of Justice filed a complaint on behalf of the Commission alleging that Facebook repeatedly used deceptive disclosures and settings to undermine users’ privacy preferences in violation of its 2012 Federal order. These tactics allowed the company to share users’ personal information with third-party apps that were downloaded by the user’s Facebook 'friends'. The FTC alleges that many users were unaware that Facebook was sharing such information, and therefore did not take the steps needed to opt-out of sharing. Facebook Inc., now Meta Platforms Inc. will pay a record-breaking $5 billion penalty, and submit to new restrictions and a modified corporate structure that will hold the company accountable for the decisions it makes about its users’ privacy.

There is also a similar case against Cambridge Analytica.
 

How can data privacy rights be protected regardless of the prevalence of digitalization? Protecting data privacy in the digital age requires a multi-faceted approach involving individuals, organizations, and policymakers. It involves a combination of technological, legal, and societal efforts to ensure that personal data is handled responsibly, and individuals' privacy rights are respected.
 
 It is without a doubt the tremendous applause digitalization has received and is still receiving. However, we all need to be aware of the threat to our data privacy rights it poses and take steps listed below to protect this right as individuals and organisation.

WRITTEN BY Lizzy Okah

Lizzy Okah is a Legal Practitioner. She believes that the Maritime Industry in Nigeria is a gold mine and is not underdeveloped as it has been tagged. If we all have good intentions and work together to enforce the SDG and ESG goals as it relates to the Maritime Industry, the industry can reach its full potential. Lizzy has a passion for assisting the survivors of sexual abuse, particularly, the girl child, to reach their full potential. She enjoys, researching, reading, listening to music, vlogs and podcasts and enjoying the soft things of life.

 Want to connect with Lizzy?
 
 Follow her on Instagram and connect with her on Linkedin!

EDITED BY Chizulu Uwolloh.

'Zulu is a writer, self-proclaimed bibliophile, lawyer, and international development professional passionate about social impact and showing people how they can create change in their communities. Zulu Uwolloh is a lawyer and international development professional. She is also the founder of Kurerie, a digital platform, and community that amplifies the voices of youth making an impact in their communities. Kurerie educates young people on how they can become active stakeholders in the achievement of the SDGs. She is passionate about showing young people that they can change the world with the smallest actions.

Want to connect with Zulu?

Follow her on Twitter, Instagram or connect with her on Linkedin!