Who owns data?

A peer stated that “we live in a world where data belongs to those who collect it”. I agree with it partially. Unless we give our consent, the data is our property. The dilemma is, without reading the agreement, we are all the time clicking on the “agree” button, which gives the companies right to own and process our data. Facebook terms of service says “Specifically for photos and video uploaded to the site, Facebook has a license to use your content in any way it sees fit, with a license that goes beyond merely covering the operation of the service in its current form. Facebook can transfer or sub-license its rights over a user’s content to another company or organisation if needed.” Even after knowing this, all of us post personal pictures and videos on Facebook. Twitter’s approach is similar to Facebook and it also may pass content to any partner company based on any reason (Smith, 2013).


Do you think as a user we ourselves our handing over our personal lives to the social networking sites and at the same time we seek to have Data Protection Laws to protect the same data from sharing?


My peer also stated “data owner is responsible and accountable for the protection”. GDPR that is going to be enforced in May 2018, under its Article 33 of GDPR, the data controllers will be legally bound to notify about the breach within 72 hours to the relevant supervisory data protection authorities (Vollmer, 2017). Do you think this new regulation that makes it compulsory for the data controllers to report breach, would be beneficial? Prior to that, at least in the UK, there was no such legal obligation but only a recommendation of reporting breach.




Smith, O. (2013) Facebook terms and conditions: why you don’t own your online life. Available at: http://www.telegraph.co.uk/technology/social-media/9780565/Facebook-terms-and-conditions-why-you-dont-own-your-online-life.html (Accessed: 30 January 2018)


Vollmer, N. (2017) “Notification of a personal data breach to the supervisory authority”. Available at: http://www.privacy-regulation.eu/en/article-33-notification-of-a-personal-data-breach-to-the-supervisory-authority-GDPR.htm (Accessed: 30 January 2018)


Leave a Reply

Your email address will not be published. Required fields are marked *