EDPS: More can be done to safeguard online identities

20.10.16: The European Data Protection Supervisor has today released a statement that suggests that more should and can be done to ensure that individuals are able to take back control of their online identities.

In a comment published on Personal Information Management Systems (PIMS), Giovanni Buttarelli said: “Our online lives currently operate in a provider-centric system, where privacy policies tend to serve the interests of the provider or of a third party, rather than the individual. Using the data they collect, advertising networks, social network providers and other corporate actors are able to build increasingly complete individual profiles . This makes it difficult for individuals to exercise their rights or manage their personal data online. A more human-centric approach is needed which empowers individuals to control how their personal data is collected and shared.”

The recently adopted GDPR provides for increased transparency, and powerful rights of access and data portability, giving individuals more control over their data. Buttarelli however suggests that this is not the final step in the process, and that, it should instead, be seen as the foundation for further efforts to improve how we enforce control over our online identities.

In an earlier statement issued on the 23rd of September 2016, he noted that current market conditions and business practices make it difficult for individuals to exercise their right to the protection of personal data and to other fundamental rights.

The basic premise behind PIMS is that individuals would be able to store their personal data in secure, online storgae systems and decide when, and with whom, to share it.