Data privacy: Opt in vs opt out – knowing difference and making a choice

When was the last time that you read terms and conditions in detail before you checked that box and clicked ‘I agree’? 

Have you faced the ‘inbox is full’ problem? Many times it is the unwanted promotional mails that clog our personal email inboxes. Try as much as you may, you still end up subscribing to or consenting to receive some newsletters and promotional mails. This happens when you use certain websites that ask you to proactively provide your consent for that. So when you want to access that interesting article of some publication or a tool developed by a company, you are required to fill in your details and you take affirmative action and check the box to agree to receive mails from them/ permit the company to use your information for further use or promotional content. 

What starts as an innocent check, ends up in piles of emails and newsletters clogging your inbox. So you end up with two issues: 

  • Your data is already in the hands of the company
  • You have to empty the inbox or unsubscribe to avoid it

With online transactions becoming the most preferred medium for purchases and data consumption, we (unwillingly) give away our personal data most of the time along with our active consent to receive further communication (read: emails, newsletters, SMS). Companies play it safe by asking your permission and make you take an action (by ticking a box or clicking on an ‘I accept’ box. This way, they are legally safe. This is of much significance in today’s times when what we share and whom we share with matters a lot. With big data, data mining and data analytics ruling the world, every single person is a unit of data for marketers. My name, age, address, mobile no. profession, interest areas, hobbies, purchase history, everything becomes a data point which can then be used to target me with relevant (their term) ads. 

Opt-in and Opt-out: What is the difference? 

The opt-in option is part of the European and Canadian Data Protection Agencies while the Opt-out is that of the American. 

In the former, you willingly consent to opt-in to receive mails and permit the company to use your personal data for that purpose. In this case, there will not be an ‘Opt-out- option available later. Most people mechanically check the box where it is required, especially when it comes to accepting cookies. But when it comes to further data being used, one must definitely check if there is a choice, if you can still access the website further (some websites will block you at this stage if you don’t tick the opt-in option, meaning the whole ‘consent’ thing is a farce). For more clarity about how my data is going to be used (if I have no other option), one must properly read the company’s Data and Privacy policy which is published on the website. 

A few companies offer the ‘opt-out’ option as well, meaning if you have ticked the box that asks your permission for promotional material or SMS to be sent to you, then you can untick that box again. One can withdraw consent to receiving promotional emails and messages even if it has been earlier ticked. Some companies keep this option at the bottom of the email in the form of unsubscribe which is written in the smallest font possible!

Do we really have a choice?

Yes, we do. 

We have complete control (insofar as we redeem it properly) over what data we share and how it can be used by the said company. 

Matters become tricky when it comes to cookies policy. As harmless as they are shown to be, cookies do invade your computer and stay there. These cookies are small packets of data that is sent to your browser whenever you visit a website so that it remembers your preferences and makes using that website easier when you visit the next time. 

Ex. Google’s Privacy policy says “we use cookies to remember your preferred language, to make the ads you see more relevant to you, to count how many visitors we receive to a page, to help you sign up for our services, to protect your data, and to remember your ad settings”. This, in effect, means that Google uses my usage data to target me with ads based upon my previous search history. In other words, I become a data point for Google for it to use me for its client’s benefit. Google, however, immediately clarifies that you can refuse the use of certain cookies by going to the personalization settings option. 

What is the Planet49 GmBh judgment?

Planet49 is a German online gaming company which collected user data before they entered a promotional lottery draw. Users were presented with two options-
an unticked box which user had to tick to give active consent for the company to use your personal data for cookies and to share it with sponsors and partners. The key here was that unless you ticked the box, one couldn’t enter the lottery draw making it, effectively, a forced consent. 

And a pre-ticked box that said you consent to use of cookies, which you could untick if you didn’t want to. In 2019, the EU court ruled that consent obtained through pre-ticked boxes was not a valid one. 

If you are interested in knowing more about this, check out this article

Opt-in and Opt-out: Which one should you use and when? 

One must be careful the first time you visit a site. 

Most credible sites post a consent banner when you sign up for the first time and make it clear that your data will or will not be used for promotional purposes. It also displays its Privacy Policy clearly and actively directs you there. 

According to the General Data Protection Regulation laws (GDPR) of the EU, there is a difference between data of legitimate interest like your name, age, education, address, interest areas, etc. and special categories of personal data like your health status, sexual orientation, biometric or genetic data which can be manipulated or misused to harmful and disastrous consequences. 

Some countries, including the EU, prohibit companies from selling personal data of persons less than 16 years of age unless affirmatively authorised for the same. Several reputed companies provide a ‘More information’ tab along with the ‘I accept’ one so that users can gain as much information as possible before signing in. Several others have separate check boxes for separate uses of the data (For ex: Functional Performance, Social media and Advertising) which one can select before signing in. 

One must discern between which ones to opt in and which ones to opt out. 

Many people are in a hurry to log-in and get the work done (access the content) and tick any box that comes in their way. But that can be dangerous. 

Especially significant is your personal information like address, mobile numbers, personal identification numbers, passwords, Social Security Numbers which can be easily misused. 

Whenever things look shady or you feel a website/company is asking too many personal questions, stop before you sign in. Check their privacy policy and look out for ambiguous phrases. You always have better options when it comes to personal data. 

Remember, it is your choice whether you want your data to be used, sold or analysed by the company and its partners. The company plays it safe (though today’s laws have tightened around it), so should you. 

Did you notice any corrections to be made on this page? Submit your feedback here. We will take the necessary action.