Do individual people have privacy obligations?

While the data privacy debate centred on businesses and public entities has blown up in recent years, there’s been relatively little discussion around individual privacy obligations.

Considering the wide range of personal data that we upload and share of ourselves, and that of other people which we download, edit, and distribute (sometimes without their knowledge or consent), it’s surprising how little awareness or education there is about good privacy practices.

Granted, online privacy laws such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) do mention that some “individuals” may have certain compliance obligations.

However, this only applies in conjunction with other criteria, such as making a specified amount of money or using data outside of just a purely personal or household capacity.

So, if you were to record a livestream of yourself in a busy shopping centre where other people’s faces and voices are being captured and distributed with all your followers, this is walking a pretty fine line.

Laws aside, most savvy internet users recognise their obligations to respect and protect other people’s privacy online.

From the rise of community platforms like Reddit and Discord where many people prefer to browse and socialise in anonymity, to Facebook and LinkedIn where real details about people’s private lives are publicly available, almost every website and social networking platform has a privacy policy and terms of service that users must abide by.

For example, if you’re friends with or connected with someone who maintains a private or limited profile on Facebook and share personally-identifiable information about them without their knowledge or consent, that violates not just their privacy but could also risk their personal safety.

In the workplace, respecting your customers’ and colleagues’ privacy is a must, particularly as most employers have their own privacy policies in place.

As the world becomes more connected and digitalised than ever, developing a better awareness of how to protect the privacy of yourself and others around you is a must.

Wherever you choose to spend your time online, here are some best practices to ensure you don’t breach other people’s right to privacy:

1. Get someone’s consent before sharing their photos or other personal data.
   For example, if you’re a teacher who wants to snap a few photos of your class party and publish them to the school’s Facebook page, you should send out a photo release consent form to all parents before uploading anything.
   
   If a friend has shared their private Instagram handle with you, don’t share their username or private photos with anyone else without their consent (it’s set to private for a reason!)
2. Be wary of filming or taking photos in public spaces.
   Whether you’re shooting a video for your YouTube channel or posing in public areas for a social media photoshoot, you should either:
   
   a) Do so in a way that minimises capturing other people’s faces and conversations – try going at a quiet time during the day.
   b) Give others a heads up that you’re filming or taking photos, and explain what you’ll be doing with the material to get their consent.
   c) Reconsider the location of your next video or photoshoot, if none of the above work.
3. Got children? Keep an eye on what they do online.
   As a parent, it’s a given that you need to look out for your children’s privacy and safety online.
   
   In addition to monitoring what your kids are publishing about themselves and who they’re talking to online, it’s a good idea to configure their social media privacy settings so that no personally-identifiable information (such as their location) is publicly accessible.

Generate a GDPR privacy policy with GetTerms.io

Save yourself the time and trouble of writing your own policy with our website privacy policy generators.

Generate Your Privacy Policy Now