To tackle this challenge, the EU-funded Privacy Flag project has established a user-friendly monitoring and protection system which includes free tools for the public.
Professor Andrew Charlesworth , from the University of Bristol Law School, was a co-investigator on the project and helped to develop the Universal Privacy Risk Area Assessment Methodology to investigate the compliance of apps, websites and Internet of Things deployment with EU, Swiss and US data protection laws.
As a result, developers have created a smartphone application, a web browser add-on and a public website in six European languages, all connected to a shared knowledge database, to help citizens monitor and control their privacy.
The evaluation tools - which include an automatic alert mechanism whereby people can be notified of privacy breaches - are available for free download on the Privacy Flag website.
Built on a crowdsourcing model to design and select the best solution to protect privacy and data ownership, Privacy Flag promotes user awareness of how privacy can be increased and how it affects citizens and society.
Professor Charlesworth said: "The Privacy Flag project and its outputs and spin-offs represent a new generation of technology-supported initiatives designed to enable citizens to understand and control the ways in which their personal data may be captured and reused in the digital environment, as well as to create support mechanisms for businesses that aim to develop and supply transparently privacy-compliant services."
The EU’s General Data Protection Regulation protects citizens’ rights within its borders. Privacy Flag, in a bid to expand this protection, has created a voluntary system - known as the Privacy Pact - which enables companies outside the EU to sign up to and show their commitment to European standards.
Professor Charlesworth added: "One example of the sustainability of the project’s outputs is the creation of the EuroPrivacy certification scheme on data protection, designed to enable a systematic and comprehensive analysis of compliance with the GDPR, applicable to products, services and data protection management systems, and encompassing emerging technologies such as data analytics and Internet of Things."
The project could also have a positive environmental impact because it contributes to reducing unwanted data flow on the internet and mobile phone networks. Currently, many apps are uploading and exploiting data not required for the app itself. Reducing this data flow could save energy and, ultimately, lead to a reduction in greenhouse gas emissions.