Illustration "Protecting Personal Data in the Free Internet"

© BMWi / Herr Müller

Many online platforms and apps make our lives easier. For example, WhatsApp: instead of communicating with friends individually, you can communicate with all of your friends at the same time. And quickly arrange to meet at a restaurant in the evening for a glass of wine. Such communication creates an enormous amount of data that is collected by messaging services and processed. What happens to the data afterwards is not always traceable by the user. There is only one choice: accept it or not use the service at all.

The guiding principle of informational autonomy should therefore become a greater priority. This means that all users should have more control over when and where they disclose their data. Users could then make their own decisions on the level of protection for their data. And, they will gain a new understanding for the fact that online platforms and apps use their personal data for advertising purposes – as a kind of payment for use of these services, which are usually free of charge.

Graphic: Each minute all over the globe, 400 hours of videos are uploaded on YouTube, 216,000 photos on Facebook, and users like 2.4 million posts on Instagram.

© BMWi

How can greater informational autonomy be achieved?

To provide greater informational autonomy, both sides must be involved. On the one hand, users must learn to exercise competence and autonomy regarding their data. Digital education is an important building block. On the other hand, companies could offer new forms of consent so that users are even given the opportunity to decide how much of their data they want to reveal. Online platforms and apps can also be designed such that they guarantee the greatest degree of data protection, either technically (“by design”) or using default data privacy settings (“by default”).

Legislators are also involved in informational autonomy. In May 2018 the new EU General Data Protection Regulation will become law. It provides for various improvements that will strengthen the individual’s informational autonomy. This includes the “right to be forgotten”, which has for the first time been expressly written into law: it will become easier for users to delete personal information that has been stored by a company. If a user wishes to “move” from one platform to another, he or she can also exercise the “right to transferability of data” – that is, data portability. Users can for example switch more easily from one music streaming service to another.

Graphic: Almost 80 percent of Internet users believe that their personal data is not protected in the Internet.

© BMWi

What can the Group of 20 do?

We also want to achieve better data protection standards outside the EU. The public should be able to depend on the fact that its personal data is safe with companies. For this reason, the German G20 presidency will aim to bring about global agreements on protection of privacy and data protection, data security and consumer protection.

Apart from all of this, the principle of net neutrality must be observed. The Internet may not be censured by any country, turned off or misused for government purposes. Net neutrality creates the foundation for unhindered flow of knowledge, plurality of opinion and a successful digital economy. Each user can express himself or herself freely and gather information at any time, and each company can provide its services worldwide without restriction.