How GDPR affects Reddit?
EU’s GDPR or the General Data Protection Regulation has a huge influence on how global companies operate on the Internet today. It finally took effect on May 25, 2018, firms regardless of size which operates their business in the EU territories or anywhere on the Internet that targets EU customers are covered by the policy. As the EU regulators continue to enforce their monitoring, more companies are busy updating their website and backend systems to comply with the strict requirements.
Any organization that is negligent of the GDPR policies are facing a minimum fine of €10 million or 2% of global income. A heavy penalty is imposed against excessive violators to the tune of €20 million or four percent of the firm’s global income (whichever is higher). Online privacy and security are the responsibilities of the web service, not just the user. That is why even the popular sites on the web have to revise their Terms of Service, as well as implement change on their site to conform with the EU law.
One such well-known site is Reddit, a US-based social news compilation, rating, and compilation website. Any topic that a person can think of has a corresponding forum thread on Reddit, from the famous events of celebrities to even what particular meal a person in country X had for breakfast.
The Reddit developer team has taken a bold move to secure reddit.com, by introducing a few features that help users fine-tune their privacy settings and data stored in the site. The option to enable settings that limits Reddit of knowing things about their users are now publicly available.
Adverts on the web are not always innocent, many of which are actually trackers. They come with cookies that monitor the activities of users across many websites. Such a technique is used, in order for relevant adverts are seen by the users, instead of something that the user is not interested in. Previously, the option to turn-off relevant adverts was not available, but Reddit believes the users should have a say about it.
The users are also empowered to make the decision for Reddit to share their data with third parties or not. Reddit promises relevant adverts to their users if it receives the necessary permission. All of us are legally bound to display adverts as it keeps free services like Reddit to remain free to use. All the personalized adverts are enabled by default since Reddit’s creation in 2005, more than thirteen years ago.
Mainstream websites honor the browser’s Do Not Track header, another optional feature all browsers support. It provides the site an information if the user wants to opt-out of the default advert tracking. However, as of this writing, Reddit does not support such a feature and any Do Not Track header is ignored by the site. Though harmful for websites that depend on advert revenue to continue operating the site, users are pushed to the point of no return. Security of user data at the hands of 3rd parties is still the obligation of Reddit honor, in conformity with the GDPR rules.
Intrusive advertisements are the cause why many rely on advert blocking plugins to do the job to clean-up webpages of adverts. Users cannot be blamed for this, as malicious adverts are very real. A simple Google search will reveal to everyone that many were already fallen victim to malware using adverts as their vector for infection.
Julia Sowells713 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.