You are here

Protecting Your Personal Data Worldwide

Published on
12 September 2016

As the giants of the internet such as Google, Apple, Facebook and Amazon collect, analyze, store, use and share enormous quantities of personal data, the issue of data privacy continues to be a priority. The explosion of data, and in particular personal data shared by consumers, has made data protection an ever more complicated challenge. At its heart, lies a delicate balance between legal frameworks and international relations.

"The explosion of connected objects and healthcare applications is generating massive amounts of personal data whose legal framework is still unclear." says Nathalie Devillier, a professor and researcher at Grenoble Ecole de Management who specializes in e-healthcare, telemedicine, privacy rights and data protection.

One of the agreed upon legal conditions for collecting personal data is the concept of “user consent.” A user must consent to their personal data being used for the purposes of an application or other activity. “However, this is a delicate subject. For example, when you download a healthcare application, you implicitly accept a contract that approves the processing of your health-related personal data. It’s non-negotiable if you wish to use the application. In practical terms, the legal principle of ‘user consent’ doesn’t pan out.” explains Nathalie.

“Collecting sensitive personal data can result in information about a user being sold to third parties or worse yet, being used to discriminate during a job interview or when buying health insurance.” adds Nathalie. This highlights the need for both individual and collective surveillance of how personal data is used by companies. “The need to educate users is a critical part of ensuring they can give their informed consent. The risk is that the gap in understanding between users and data collectors will continue to widen.”

Europe takes a step towards tighter regulations

On April 14, 2016, the European parliament voted to overhaul the current data protection regulations. This new set of rules is designed to allow users greater control over their personal data. Key provisions include:

  • A user’s clear and affirmative consent to the processing of his or her data
  • The right to be forgotten
  • The right to access and modify your personal data
  • The right to refuse the use of your personal data for user profiling
  • The right to transfer personal data from one service provider to another
  • The creation of a central European authority for oversight
  • The possibility of administrative fines up to 4% of a company’s turnover or 20 million euros (whichever is greater)

Despite these improvements, Nathalie highlights the fact that “although the 20 million euro limit is much higher than previous European limits, we know that the maximum fine is rarely applied. In addition, if you take the US for example, fines are often agreed upon through mediation because going to court against a class action lawsuit would result in much higher penalties. And these agreements are already often in the millions of dollars!”

Data protection is still a matter of diplomacy

Ever since Edgar Snowden’s leaks about European surveillance carried out by US intelligence services in collaboration with major internet players, the EU and the US have been engaged in negotiations to protect personal data. In 2015, the 15-year-old Safe Harbour agreement, which regulated the flow of data from Europe to the US, was struck down by the Court of Justice of the European Union. In its place, a new agreement known as the Privacy Shield was set up to ensure companies such as Facebook or Google protect European users’ personal data when transferred to the US.

“However, the legal framework that was negotiated without much media attention is in fact quite similar to what was already in place. As long as the principle of ‘adequacy’ still applies, it will be hard to apply real restrictions to the transfer of data.” says Nathalie.

The ‘adequacy’ principle is the idea that to transfer data to a country outside the EU, said country must demonstrate adequate levels of protection of personal data. “The issue is that adequate doesn’t mean equivalent. As a result, this legal framework is still dependent on diplomatic negotiations. When countries are negotiating major international agreements, data protection can easily become a secondary issue.” concludes Nathalie.

On the same subject

  • les fondamentaux pour bien gérer son marketing personnel.
    Published on 12 July 2018

    The fundamentals of personal marketing

    Successful personal marketing is an art. How can you go beyond compulsive tweeting or an excessive use of social networks in order to create a solid strategy to build and maintain your e-reputation?

  • WoMen@GEM. Plus de parité, dès la formation
    Published on 20 June 2018

    Parity Starts During Education: WoMen@GEM

    First year female students at GEM expect a salary after graduation that is 3,000 to 4,000 euros lower than their male counterparts. And this pay gap is confirmed after graduation! Overcoming gender bias in the workplace starts with overcoming bias...

  • NovActeur fiabilise son business model grâce au parcours Ulysse Live Business de GEM
    Published on 25 May 2018

    Live Business Cases: Win-Win Exercises for Companies and Students

    A live business case is the opportunity for students to work on a real-world challenge presented by a company. In addition, participating companies can benefit from the perspective of students, often with surprising results!

  • Chirag Patel et Christophe Haon
    Published on 18 May 2018

    Research: Retail Website Performance, to Outsource or not to Outsource?

    To improve sales, retail websites focus on personalizing their web pages and increasing their influence on social networks. To achieve these goals, should they rely on internal resources or call on external service providers? A study of 105 U.S....

  • Nathalie Devillier, professeure de droit, à Grenoble Ecole de Management
    Published on 26 April 2018

    General Data Protection Regulation Increases Company Responsibility

    New European regulations on data protection will increase the rights and privacy of internet users in Europe. However, much of the burden of this increased protection will fall on companies. How can businesses prepare for this change?

  • Pourquoi les DRH doivent-elles se saisir du digital ?
    Published on 26 March 2018

    Why Is the Digital Revolution Essential for HR?

    The digital revolution is impacting all areas of business. While HR are particularly affected by this change, it’s an opportunity for them to focus their efforts on the “employee experience”.

  • paiement mobile
    Published on 26 March 2018

    How to Encourage User Adoption of Mobile Payment Options?

    Despite the convenience of mobile payment technology, customer adoption of this new technology is not a given. How can companies build on previous internet experience to facilitate this transition?

  • Must the U.S. Lead the Digital Revolution?
    Published on 22 February 2018

    Must the U.S. Lead the Digital Revolution?

    As the digital revolution unfolds, the U.S. and Silicon Valley have so far led the march. What role can Europe play in this major evolution?

  • Les conditions licites de la cybersurveillance du salarié
    Published on 25 January 2018

    Workplace Cyber Surveillance: Rights and Obligations

    Can a business spy on its employees? Yes, within certain limits. Discover how European courts regulate workplace cyber surveillance.

  • Published on 18 January 2018

    Technology Sourcing: How to Optimize Web Performance?

    To increase the performance of retail websites, companies should explore both internal tech development and outsourced tech services. New research confirms the advantage of mixing technology sources.

  • Caroline Cuny, GEM
    Published on 14 December 2017

    Going Digital to Improve In-Store Customer Relations

    How can digital technology help companies improve a customer’s shopping experience? We look at emerging trends such as artificial intelligence, facial recognition and olfactive marketing.

  • Published on 17 June 2017

    Nanovalor: a Platform to Evaluate the Value of New Tech

    Emerging technology can impact society and the economy in a variety of ways. Nanovalor creates a platform to analyze and learn about the value of new tech.

  • Professeur Sénior  Professeur au département Homme, Organisations et Société  Doctorate of Philosophy, Institut Universitaire Européen, Grenoble EM
    Published on 12 June 2017

    Research: Indulgences or Abuse of Indulgences, a New Perspective on Corporate Sins

    From environmental damage to product malfunctions or bribery, businesses around the world are often responsible for wrongdoing. However, assessing the moral stature of a business is considered to be a notoriously difficult task. Not only are...

  • Cybersécurité : prévenir les risques spécifiques aux TPE/PME
    Published on 17 May 2017

    Cybersecurity: the Challenge for SMEs

    SMEs are a prime target for cybercriminals. Training remains the best defense against such threats.

  • Une quarantaine de collaborateurs Ubisoft en France sont issus de Grenoble Ecole de Management
    Published on 15 May 2017

    Recruitment: How Does Ubisoft Rely on Its Alumni Employees?

    Alumni from various schools can be a precious asset for companies to build connections with potential recruits.

  • research on Contextual Television Advertising
    Published on 28 February 2017

    Research: Questioning the Effectiveness of Contextual Television Advertising

    As businesses and marketing go digital, companies have to track the effectiveness of their advertising across many channels. The growth of online transactions has made website conversions an essential factor for many businesses. Thanks to detailed...

  • Published on 24 February 2017

    Sulitest: the first international tool to assess Sustainability Literacy worldwide

    As of 2017, Grenoble Ecole de Management is making the Sulitest, the first international tool to assess Sustainability Literacy worldwide, compulsory for all of its staff, faculty and students. This is a further step in GEM’s journey to become a...

  • Federico Pigni, Professor at Grenoble Ecole de Management
    Published on 01 July 2016

    Research: Creating Value from Digital Data Streams

    The big data era is upon us. Startups, major companies, organizations and governments are all rushing to extract essential insights from big data. Yet in doing so, many have overlooked the potential value of the digital data streams (DDS) that make...

  • Published on 30 June 2016

    Joining the UN’s International Telecommunication Union (ITU)

    Grenoble Ecole de Management becomes the first Business School in the world, and the first higher education institution in France to join the prestigious International Telecommunication Union (ITU), the United Nations specialized agency based in...

  • Published on 27 June 2016

    European CFOs are against Brexit: new Global Business Outlook survey reveals

    European CFOs are overwhelmingly against a British exit from the European Union, the latest round of the Global Business Outlook Survey reveals. More than 75 percent believe it is good for the U.K. to remain in the European Union, and a like number...

  • websites such as TripAdvisor have given consumers the power to impact a company's image.
    Published on 22 March 2016

    TripAdvisor: How Companies React to Negative Ratings

    The world wide web has revolutionized the hotel, restaurant and other travel-related industries. From online bookings to customer ratings, companies have to learn how to operate in this new environment. While an organization's market identity used...

  • Research: Creating Visitor Engagement Through Music
    Published on 29 February 2016

    Research: Creating Visitor Engagement Through Music

    Digital communications have created an information overload for customers. To stand out on the world wide web, companies have to offer clients a high-impact experience. When used properly, music provides a simple yet effective means of creating a...

  • Federico Pigni, Professor at Grenoble Ecole de Management
    Published on 28 October 2015

    Congratulations Federico Pigni

    Duetto: Industry Transformation with Big Data, a case study in Harvard Business Review by Federico Pigni, Associate Professor in Information Systems in the Management of Technology and Strategy department at the Grenoble Ecole de Management (France...

  • Published on 13 October 2015

    Put Music on your Website

    Your web communication needs to offer a rich consumer experience to distinguish it from others. Nowadays, websites must evoke enjoyable and memorable feelings in their visitors in order to encourage them to revisit and recommend the website.

  • Published on 09 October 2015

    Advanced Master in Digital Business Strategy: appointment of a new Program Director

    Yann Gourvennec joins Grenoble Ecole de Management as Program Director for the Advanced Master in Digital Business Strategy.

  • websites such as TripAdvisor have given consumers the power to impact a company's image.
    Published on 29 September 2015

    Customer reaction and Market identity

    This article, written by Tao Wang, Filippo Carlo Wezel and Bernard Forgues, examines the conditions under which organizations publicly respond to unfavorable consumer evaluations that challenge their market identity. This study relies on an analyse...