1
00:00:00,120 --> 00:00:01,520
Thanks for watching Techquickie.

2
00:00:01,520 --> 00:00:05,920
Click the subscribe button, then enable notifications with the bell icon, so you won't miss any

3
00:00:05,920 --> 00:00:07,720
future videos.

4
00:00:07,720 --> 00:00:12,640
So do you feel like whenever you type personal information into a webpage, it probably ends

5
00:00:12,640 --> 00:00:16,940
up in the hands of an executive with dollar signs in his eyes holding court at a mad tea

6
00:00:16,940 --> 00:00:20,400
party of advertisers and people with agendas?

7
00:00:20,400 --> 00:00:26,240
Well, sadly, that's less of a paranoid delusion than I'd like, and it's exactly the kind

8
00:00:26,240 --> 00:00:32,600
of thing that the European Union's new General Data Protection Regulation is trying to stop.

9
00:00:32,600 --> 00:00:36,980
And because it was implemented so recently, plenty of large tech firms have been scrambling

10
00:00:36,980 --> 00:00:40,100
to make sure they don't get caught on the wrong side of the law.

11
00:00:40,100 --> 00:00:42,140
But what exactly does the law do?

12
00:00:42,140 --> 00:00:46,800
So the basic idea is that any organization or business that either operates in the EU

13
00:00:46,800 --> 00:00:51,240
or handles data relating to people in the EU has a few responsibilities.

14
00:00:51,240 --> 00:00:54,900
Meaning that even a business here in Canada like Linus Media Group could find itself in

15
00:00:54,900 --> 00:00:56,240
hot water with the European authority.

16
00:00:56,240 --> 00:01:00,940
If I did something like, let's say, sell your email address to a company that makes explosive

17
00:01:00,940 --> 00:01:02,480
discount power supplies.

18
00:01:02,480 --> 00:01:04,480
But I wouldn't do anything like that to you guys.

19
00:01:04,480 --> 00:01:07,220
Wait a minute.

20
00:01:07,220 --> 00:01:09,580
But that doesn't mean your data can't be sold.

21
00:01:09,580 --> 00:01:13,460
One of the biggest linchpins of the GDPR is consent.

22
00:01:13,460 --> 00:01:17,140
If you're in the EU, you have a right to be informed about what type of data is being

23
00:01:17,140 --> 00:01:21,260
collected and why it's being collected before you hit OK.

24
00:01:21,260 --> 00:01:23,460
And this pertains to lots of different types of data.

25
00:01:23,460 --> 00:01:27,180
A single photo, a comment you made on a public social media post.

26
00:01:27,180 --> 00:01:28,960
And even your name are covered.

27
00:01:28,960 --> 00:01:33,360
GDPR requires companies to specifically lay out each piece of data they're collecting

28
00:01:33,360 --> 00:01:35,820
from you for your consent to be valid.

29
00:01:35,820 --> 00:01:39,240
After you've given your consent and the zuck or whoever else gets their mitts on your sweet

30
00:01:39,240 --> 00:01:42,840
sweet personal information, there are some more rules concerning how they have to store

31
00:01:42,840 --> 00:01:43,840
it.

32
00:01:43,840 --> 00:01:46,020
Specifically, it has to be protected in some way.

33
00:01:46,020 --> 00:01:49,480
Whether it's through encryption or by keeping the data separate from other data that could

34
00:01:49,480 --> 00:01:52,520
be used together to identify an individual person.

35
00:01:52,520 --> 00:01:56,940
So for example, a national ID number should be sequestered from other information.

36
00:01:56,940 --> 00:02:01,060
That could enable an attacker to work out who it belongs to.

37
00:02:01,060 --> 00:02:05,600
And if an attacker does breach a database, or if someone was just careless with a USB

38
00:02:05,600 --> 00:02:10,700
stick, the organization has to inform a data protection authority within three days of

39
00:02:10,700 --> 00:02:12,180
when it found out.

40
00:02:12,180 --> 00:02:16,980
And they'd also be on the hook to notify you, yes you Otto Schmidt from Berlin, in the case

41
00:02:16,980 --> 00:02:18,680
of a really serious breach.

42
00:02:18,680 --> 00:02:23,680
But if a mere notification isn't enough for you and you just want the data off their servers,

43
00:02:23,680 --> 00:02:26,880
the GDPR also obligates companies to give you access to it.

44
00:02:26,880 --> 00:02:30,760
So you can either do it on demand, or to delete your data upon request.

45
00:02:30,760 --> 00:02:35,620
Partly stemming the tide of the internet is forever, with a right to be forgotten.

46
00:02:35,620 --> 00:02:39,980
Though bear in mind that if one of your terrible hot takes gets retweeted a million times, there's

47
00:02:39,980 --> 00:02:43,860
nothing you can do to force private internet users to delete their screencaps.

48
00:02:43,860 --> 00:02:45,180
But back to businesses.

49
00:02:45,180 --> 00:02:46,760
Why would they comply with this?

50
00:02:46,760 --> 00:02:51,140
Well, as it turns out, there are serious consequences for businesses that don't handle your data

51
00:02:51,140 --> 00:02:52,400
with respect.

52
00:02:52,400 --> 00:02:55,060
For willful violations or for repeat offenders, the fines can be as high as 4% per year.

53
00:02:55,060 --> 00:02:56,060
And that's a lot of money.

54
00:02:56,060 --> 00:02:56,100
That's a lot of money.

55
00:02:56,880 --> 00:03:02,800
And that may not sound like much, but for large enterprises like Google, that could

56
00:03:02,800 --> 00:03:06,420
amount to billions, yes, billions of dollars.

57
00:03:06,420 --> 00:03:08,860
So this sounds pretty good if you're an EU resident.

58
00:03:08,860 --> 00:03:12,260
But what if you live in the US, Japan, or Guinea-Bissau?

59
00:03:12,260 --> 00:03:18,800
Well, some tech firms like Facebook and Microsoft are implementing GDPR-compliant features worldwide,

60
00:03:18,800 --> 00:03:22,580
giving users outside the EU the same level of access and control.

61
00:03:22,580 --> 00:03:25,180
But don't imagine this is out of the goodness of their hearts.

62
00:03:25,180 --> 00:03:26,060
In reality, it probably has more to do with the fact that they don't have access to data

63
00:03:26,060 --> 00:03:27,060
protection.

64
00:03:27,060 --> 00:03:29,520
It probably has more to do with it being more streamlined and having different policies

65
00:03:29,520 --> 00:03:30,520
for different locations.

66
00:03:30,520 --> 00:03:34,760
And it's also not a great look from a public relations perspective to give users in certain

67
00:03:34,760 --> 00:03:38,960
places less robust data protection just because they can.

68
00:03:38,960 --> 00:03:42,620
So that's a great step towards a more global internet because I, for one, have had just

69
00:03:42,620 --> 00:03:45,420
about enough of geo-blocking anyway.

70
00:03:45,420 --> 00:03:47,220
Are you interested in computer science?

71
00:03:47,220 --> 00:03:51,320
Well then check out Brilliant, a problem-solving website that teaches you to think like a computer

72
00:03:51,320 --> 00:03:52,320
scientist.

73
00:03:52,320 --> 00:03:56,220
Instead of just passively listening to lectures, you get to master concepts by solving fun,

74
00:03:56,220 --> 00:03:57,720
and challenging problems.

75
00:03:57,720 --> 00:04:01,340
And Brilliant provides the tools and framework you need to tackle those challenges.

76
00:04:01,340 --> 00:04:05,080
Brilliant's thought-provoking content based around breaking up complexities into bite-sized

77
00:04:05,080 --> 00:04:08,740
understandable chunks will lead you from curiosity to mastery.

78
00:04:08,740 --> 00:04:12,420
And you'll be in the company of over five and a half million members who share your

79
00:04:12,420 --> 00:04:14,800
curiosity and love for math and science.

80
00:04:14,800 --> 00:04:16,000
So what are you waiting for?

81
00:04:16,000 --> 00:04:19,000
You can support Techquickie and learn more about Brilliant by clicking the link in the

82
00:04:19,000 --> 00:04:23,700
video description or by going to brilliant.org slash LinusTechTips and signing up for free.

83
00:04:23,700 --> 00:04:25,220
The first 200 people to go to the link will get 20% off at the end of the day.

84
00:04:25,220 --> 00:04:25,240
Thanks for watching.

85
00:04:26,220 --> 00:04:35,620
I'll see you next time.