Since the publication of the GDPR in May 2018, people living in the European Union have much more power over their data when it is hold by companies. While the GDRP was very good news for privacy advocates, it might still be hard for the individual to use the legally granted power to reclaim their privacy. That's why privacy activists have set up websites that help you reclaim your data and your privacy.
The good news is: The methods of taking back your data are oftentimes not limited to citizens of Europe, but may be used by all people around the world - no matter where you live. And taking back your privacy can be achieved faster than you would expect.
How to take back your privacy
Here we explain how you can take back your privacy with four easy steps:
- Evaluate what services hold data about you.
- Check with the help of this privacy guide how to get hold of this data.
- Decide whether you want this data to be deleted.
- Have the data deleted with the help of this privacy guide.
Once you have decided what companies you would like to request your data from, check out these four websites to see which one best covers your needs.
JustGetMyData and JustDeleteMe
Two great open source projects launched by Spanish students helps you to easily check how to take back your data from big tech companies such as Google, Twitter, Facebook and more. These sites have a comprehensive summary about dozens of web companies and let you sort the companies, for example, by popularity. You can also search the database for the companies that you have already pinned down are your most important targets.
JustGetMyData provides an overview on how to get a copy of your data from dozens of online services. It also provides links directing you to the help pages of the services in question. The overview also shows you if it is easy, medium or hard to get hold of your data.
JustDeleteMe is very similar to JustGetMyData. The site helps you to find the appropriate help pages of services in question to make these services delete all data that they hold about you. Again, the overview shows you if this is easy, medium, hard or impossible.
However, based on the GDPR it must be possible to ask for the deletion of your private data if you chose to no longer use said service. The following websites may help you in these tougher cases.
MyDataDoneRight and DataRequests
MyDataDoneRight is an awesome website provided by Digitalcourage, a German NGO fighting for internet and privacy rights in the EU. The website MyDataDoneRight helps you to prepare requests to several services such as Facebook, Microsoft, Google, T-Mobile and more.
With this request, you can define whether you want to access your data, correct your data, remove your data or move your data (to a different service). The request form guides you through the process so that you can send a prepared message to the service in question.
DataRequests works very similar to MyDataDoneRight, but is much more comprehensive. It is an open source project powered by volunteers.
If you compare the fight for privacy with David against Goliath, then DataRequests shifts the power in this picture by adding hundreds of Davids against a few Goliaths. It is amazing to see that such grassroot activism can make such a difference and help everyone to regain their data and their right to privacy online!
Know your rights
Based on the GDPR, you have lots of rights about your data that is stored at online services. However, to execute some rights - e.g. the Right to be forgotten - it can be required that you can no longer use the online service you originally registered with.
Here is a summary of your rights when it comes to your own data. To learn more details about your rights, check out datarequests.org:
Right to access
You have a right to know what data a company has stored on you, to ask what the purpose for storing the data is, and which source the data was obtained from.
Right to rectification
When a company stores wrongful information about you, the company must correct it as soon as they get a notification from you.
Right to be forgotten
You can demand from a company that they delete any or all data they store about you. Such a deletion request sometimes must go hand-in-hand with deleting the entire profile about you with this service and stop using this service, e.g. Facebook.
Right to object
At any time, you can revoke already given consent to store data. Revocation of consent must not be more difficult than the original consent.
Right to data portability
The data that you store with an online company remains to be yours. At any time, you must be able to export the data and use it elsewhere.
Reclaim your privacy
Once you have taken back your data and deleted your profiles at services that make money by violating your right to privacy, you may want to chose online services that respect you and your data. Tutanota, the encrypted email service, is just one such option.
By now, there are lots of services available online that focus on protecting your right to privacy. For this, we have compiled a guide on how you can leave Google and Facebook behind. These two are by far the worst among big tech - even though Facebook and Google like to pretend to be the new defenders of privacy.
However, it is no surprise that the two tech giants notoriously invade your privacy. After all, their business model is based on abusing your data to maximize their profits from advertisements.
Tutanota does the exact opposite.