What are data rights?

- [Narrator] What are data rights? Do you know how your data is being used everyday? For me, I always found it very confusing, and difficult to understand what was happening with my data. In essence, this all comes down to the ability for first, second, and third hand parties to use and control your own personal data. For the scope of this course, this concerns organizations, with a focus on organizations providing online services and products, and how they access and harness data. The outline for these rules is usually stored in privacy policies on individual websites, and overarching privacy laws, based on the jurisdiction of where the products and services are being offered. Every time you visit a website there will be a privacy policy. When you use a new app, there will be privacy rules that the developer has followed, to ensure that the app works in line with the data guidelines of the marketplace. When you sign up to a new service there will be rules governing how your data is used. When you are in public locations there will be wider rules regarding how data is recorded and used. These all contain references to data rights, and it's important to understand where you can locate these sources and how to query the data being used. So a basic privacy policy should have five areas, one, around notice, or what types of information is collected. Two, around choice, what can be done with the data that's collected. Access, how the data can be seen. Security, how protected is the data. And redress, what can you do in case of a privacy breach? So these points are roughly based on guidelines from the Better Business Bureau, and they give some advice about how to put together a privacy policy that covers all these areas. In areas such as the EU, GDPR, or general data protection regulation, was introduced in 2018, which contains strict rules and strict fines regarding how consent is asked for and applied. Understanding the difference between where data is located, where the services are performed, and where the individual of origin is located is quite important when understanding how the data rights policies are put in place and used. This information is usually in the details of app usage, and app privacy policies. But it can take some time to discover exactly how this data is being used. In an example above, the top 10 tech companies had their privacy policies reviewed, and it showed that since GDPR came into place the average word count has increased 25%, and the largest update was done by Wikipedia, almost doubling the amount of words in their privacy policy. These alterations can make it difficult to understand exactly what the data rights are for everyday people. The complexity of the policies has also lead to some individuals to parse and review the data with specifically trained neural networks in order to rank and compare how effective these policies are. Guard is a new service that reads policies for you and summarizes different elements and then ranks the policies against each other. Prybot and Polysis is an example of this service as well. This is almost a middle layer providing additional comprehension and rights above the standard text to enable end users to make better decisions. I've put together a basic overview of data rights, given some examples of how they're reflected in privacy policies, what a standard privacy policy should contain, and modern ways to understand privacy policies better. The better we can understand how our data rights are being managed, the better we can protect and manage our data.