About What We Authorize
Table of Contents
What do we authorize on our phones and on a webpage?#
Why do they ask us to authorize things? Why do they block us if we don’t authorize? Should we authorize or not? This was a question from a neighbor last week, and I think we need to break down the issues, make them smaller, and start answering from there. Essentially, there are two major types of requests: those related to websites and those related to mobile applications. The former generally do not affect browsing, while the latter can indeed affect the use of an app.
Why do some pages ask me for permissions?#
Web pages ask you to authorize cookies due to data protection regulations, such as the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the United States. These laws aim to protect users’ privacy and ensure that companies are transparent about how they collect and use personal data. The application of these laws depends on various factors, in the case of the GDPR. A webpage must comply with the GDPR if:
- The company processes personal data and is based in the EU, regardless of where the data is actually processed.
- The company is based outside the EU but processes personal data related to offering goods or services to citizens in the EU or monitors the behavior of EU citizens.
Examples of a website targeting EU citizens:
- The site is available in European languages.
- It accepts payments in euros or uses European payment systems.
- It advertises products or services to consumers in the EU.
What are personal data?#
Personal data is any information related to an identified or identifiable person, also known as “the data subject.” Examples of personal data include:
- Full name
- Address
- ID/passport number
- Income
- Cultural profile
- Internet Protocol (IP) address
- Data held by hospitals or doctors (identifying a person solely for healthcare purposes)
What is the situation in our country?#
In Argentina, we have Law 25.326. What rights does this law recognize regarding my personal data? The law recognizes your right to:
- Have your personal data not be used or recorded without your consent.
- Request and receive information about what personal data of yours is recorded in public or private databases.
- Request that your data be corrected or updated.
- Request that it be deleted, where applicable.
- Request that it be kept confidential.
- Initiate legal action to know your data or demand its correction, deletion, confidentiality, or updating.
Is my consent always necessary for a database to include my personal data?#
Yes, except when:
- Your data was obtained from publicly accessible sources.
- Your data was collected for the exercise of functions of state authorities or due to a legal obligation.
- Your data is in listings that are limited to details like name, national identity document, tax or pension identification, occupation, date of birth, and address.
- Your data was obtained through a contractual, scientific, or professional relationship and is necessary for its development or fulfillment.
- The operations are carried out by financial entities and involve information they receive from their clients.
- A public body that obtained your data in the exercise of its functions transfers it to another public body for a purpose within its functions.
But honestly, I am not sure if it is mandatory for sites operating in Argentina to apply for authorization.
Authorizations on mobile phones#
Now, authorizations on mobile phones must comply with the same rule. However, there’s a difference here. Many times, what we’re asked to authorize are functionalities, such as using the camera or accessing contacts. In many cases, if we don’t accept them, the app doesn’t work as it should, even if it doesn’t need that specific functionality. By accepting these accesses, companies comply with the law, inform you that they will access and use them, and thus we authorize our data to reside in their databases. And as we discussed last week, this is the fuel that powers the digital world’s economic engine: our data. So, what can we do? Not accept cookies. Reflect on the permissions we give to our mobile apps and stay informed. For this, I recommend visiting these pages, which provide more information and are organizations operating in Argentina:
- Vía Libre Foundation: https://www.vialibre.org.ar/
- Argentine Observatory of IT Law: https://odia.legal/
Sources#
There are no articles to list here yet.