Black Friday Sale! 50% Off All Access

Here's Why Your Inbox Is Filled With Privacy Policy Emails Companies around the world have been scrambling to make sure they comply with new laws about what they're allowed to do with user data.

By Lydia Belanger

Entrepreneur+ Black Friday Sale

Our biggest sale — Get unlimited access to Entrepreneur.com at an unbeatable price. Use code SAVE50 at checkout.*

Claim Offer

*Offer only available to new subscribers

Opinions expressed by Entrepreneur contributors are their own.

D3Damon | Getty Images

As you settle back into work after a relaxing holiday weekend, you probably have a larger-than-average influx of emails to sift through. Their subject lines read along the lines of, "Please update your information and consents," "Updated terms of service and privacy policy" and more.

This is all thanks to a new law out of Europe, the General Data Protection Regulation (GDPR). But don't blame European lawmakers for the fact that you're getting all of these messages at once.

The European Union passed the GDPR in April 2016, and tech companies had more than two years to prepare before enforcement of the law began on May 25, 2018. Given that the web is a global network, the GDPR has required that all digitally operating companies that have European citizens as users to make changes to the ways in which they collect, store and process user data -- or else pay hefty fines.

In a nutshell, organizations can't collect data without user consent, and they are required to fulfill users' requests to delete any information they've collected on them. Users will also be able to download all of the data an online service provider has on them and see how that organization has been using it.

Related: Here's How to Download and Delete Your Facebook Data

It's a tall order to get companies and users alike to care about data privacy at scale. It's complicated, because laws have frequently come into effect reactively, not proactively. People take privacy for granted, and often, it takes a massive breach for people to get concerned, such as when it came to light in March that years-old Facebook data -- from 87 million users -- had gotten into the hands of political consultancy Cambridge Analytica.

That scandal inspired congressional hearings with Facebook CEO Mark Zuckerberg in the hot seat, and given the impending GDPR, he testified before the EU as well. The scandal hasn't made a dent in Facebook usage.

The same passiveness goes for the GDPR: Many online service providers scrambled to get their policies updated and their users in the know, thus the 11th-hour emails that arrived en masse leading up to May 25. It's likely that most people won't read them, but in one way or another, many organizations' email subscriber lists are going to dwindle because of them.

Several of the emails lead with desperate pleas, e.g. "Please don't go!" because their aim is for the user to opt in, giving organizations permission to continue the data-sharing relationship, a.k.a. keep them on their marketing lists. They want you to renew your vows, if you will. If you don't, companies are supposed to unsubscribe you. That might sound like a long overdue spam spring cleaning. But the problem is, the service providers are making users do all the work -- and all at once -- if they want to stay in the loop.

Then, there have been reports that these emails are all for naught, based on a misunderstanding of the GDPR. Some companies already have the necessary consent from their user contacts. Now, the emails they're sending might backfire if people get unsubscribe-happy amid the email flood.

Even though tech giants such as Facebook and Google have been more publicly under fire for their misuse of data, some have argued that the GDPR gives bigger organizations an advantage. If a lesser-known entity asks a user to consent to data access, it might be met with more skepticism, or seen as less legitimate. This is an opportunity for users to think hard about which organizations they trust and why.

"You're quite likely to click "I Consent' or "Yes' when a GDPR form is put in between you and your next hit of Facebook dopamine," John Battelle writes for NewCo Shift. "You're utterly unlikely to do the same when a small publisher asks for your consent via what feels like a spammy email."

Related: The Weirdest Things People Agree to in Terms of Service

As for the updated service agreements themselves, you've probably wondered, do these companies really expect every user to read every new contract that's dropped into their inbox? Despite the fact that the GDPR specifies that companies must write their privacy policies in "clear and plain language," many of the updated policies consist of the opposite. Google's, Facebook's, Twitter's and LinkedIn's are now more verbose, according to The Wall Street Journal. It seems like a classic case of cramming: the dilemma of, I would have written you a shorter note if I'd had more time to edit down my rambling first draft.

This is just one way in which companies were unprepared for Friday's enforcement. Publications under the Tronc family, such as The Chicago Tribune and The Los Angeles Times, are among those that have blocked European citizens from accessing their websites while they continue getting their GDPR ducks in a row. Many other U.S.-based publications presented opt-in messages or pared-down websites to their audiences.

Even if you click the "x" on policy update prompts, and even if you (inevitably) don't read all of the emails, it can't hurt to keep them on file. You never know when you're want to take a glimpse at the data you've shared with a social network, app or other service -- and possibly wipe the record clean. Some of those emails might point you in that direction if that day ever comes.

Lydia Belanger is a former associate editor at Entrepreneur. Follow her on Twitter: @LydiaBelanger.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Money & Finance

How Much Money Are You Losing to Counterfeit Goods? It's Probably More Than You Think — Here's How to Protect Yourself

Try these strategies and technologies for taming the so-called "Wild West" of ecommerce.

Marketing

This 30-Year-Old Ad Predicted Life Today, and Keeps Going Viral. Here's How Its Creators Made It

This TIAA-CREF ad was shockingly accurate. Its makers said they didn't want to commit "advertising malpractice."

Business News

Here's How Much Money You Need to Make in Order to Be 'Successful,' According to Each Generation

A new survey by Empower outlines how Americans of different ages define success.

Starting a Business

This Sommelier's 'Laughable' Idea Is Disrupting the $385 Billion Wine Industry

Kristin Olszewski, founder of Nomadica, is bringing premium wine to aluminum cans, and major retailers are taking note.

Starting a Business

Why Are So Many Course Creators Struggling if It's 'Such an Easy Business'? Here's the Truth Behind the $800 Billion Industry

Creating an online course is so easy — at least, that's what many "gurus" would like you to believe. There's a lot of potential in the $800 billion industry, but here's why so many course creators are struggling.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.