Restart Radio: Protecting our personal data in an age of connected devices

In this week's episode, Janet, Ugo and Dave Lukes discuss our personal data being collected and held elsewhere, focusing on the new EU regulation on data protection and its effect on consumer rights. We focus on 'connected devices', where increasing amounts of our personal data are collected and stored by companies. There are potentially wider, positive implications of the new rules in relation to the lifecycle of these devices. But first, May 1st is International Workers' Day in many countries. We celebrated it by discussing news of the Global Day of Action Against Samsung. A network of organisations called for the protection of their electronics factory workers, who have been and may continue to be exposed to dangerous chemicals. They are asking Samsung to stop attempting to suppress information on chemicals used, to use safer ones, and to ensure workers' right to organise independently. Also on Samsung, a US class action lawsuit alleges that the company has teamed up with two other major DRAM memory manufacturers (who have a total marketshare of 96%) to raise the price of their products. Next we discuss the GDPR, or General Data Protection Regulation (acronym botched by Janet!), which will be enforced on 25th May by the EU. GDPR has to do with the current emails you may be getting from companies or organisations asking you to remain on their email lists. Dave explains the regulation has a strong focus on protecting our personal data, that is: any information that could be used to identify someone. We talk about one of its main principles: about consent. According to GDPR, we all need to be fully and explicitly informed about how our personal data is being used. Then, we talk about the importance of GDPR in the context of 'connected devices'. First we have a laugh about inscrutable terms and conditions of products, such as those of Amazon Kindle: it took an actor 8h 59 mins to read them all! Clearly, in the age of GDPR, user-centred terms and conditions will become the rule for these connected devices and appliances, which may soon include household appliances. We use Samsung "smart" TVs as an example, revealing that already there is a divergence between Samsung privacy policies for European (UK) consumers and the rest of the world. Finally, we reflect on how mandatory, increased attention to the lifecycle of personal data can influence the lifecycle of our devices. With companies accountable for protecting our information, they may have to ensure that our gadgets remain safe of data breaches or hacks, and we hope this implies extending security updates over longer periods of time.