Do we care or have a choice?
Article by Claire Park
While some companies still believe that this framework should remain the main method of “protecting” consumer privacy, there is growing consensus among privacy experts, civil society organizations, legislators, and some FTC commissioners that it’s time to move beyond it. Notice and consent is too weak in practice to meaningfully shield individual privacy. Instead, we need comprehensive privacy legislation that will empower individuals with explicit user rights over their data, and provide strict limits on how private entities handle that data.
Notice and consent is inadequate both in informing individuals and in protecting their privacy. Few ever read the lengthy and legalistic policies attached to the products, apps, and services we use every day, which seem to stretch for pages on end. Indeed, artists taking aim at terms of service have found that policies for major services like Instagram could take over an hour to read—even assuming people without legal training would be able to decipher them—and cut a darkly comic picture when printed out and displayed in their full length. Not only does reading all these notices waste time, but a 2015 study also revealed that privacy policies do not sufficiently disclose all possible data practices, and they are sometimes deliberately silent on, for instance, what subject areas of information they collect.
Even if notices were both comprehensive and easy to understand, it is practically impossible for individuals to provide meaningful consent. The sheer number of entities collecting, using, and sharing personal data, along with the fact that people are not engaging directly with most of those entities, means that people cannot effectively weigh the costs and benefits of revealing information or permitting its use or transfer in most cases.
We need a new approach. Congress must enact legislation that will provide individuals with rights over their information and limit how companies may use personal data. Adopting explicit use restrictions for data, as well as defining the rights of users over their own data, will protect privacy better than the current notice and consent framework does. Transparency alone is insufficient. Even if people knew what data was being collected and for what purposes, it’s unclear how an individual can change what a company is doing with their data.
Use restrictions, on the other hand, recognize that knowing what is happening is different from doing something to change what is happening. Creating distinct guidelines for what companies can and cannot do with data puts the burden on them to adopt better privacy-enhancing practices. Those collecting and processing data are also in a better position than individuals to see how these tools and practices can be harmful.
Privacy legislation should require companies to assess what data they actually need in order to provide the services they offer, and only permit them to collect this required data. A restriction on collecting unnecessary data would significantly limit companies’ data collection, reducing risks to individual privacy from the get-go. Further, limitations on how companies can use data, such as prohibiting “secondary uses” beyond the purpose for which the information was originally collected, would put the onus on companies to behave better with personal information.
A new privacy regime should also explicitly prohibit discrimination against individuals through data practices. Studies have shown that digital data can be used to discriminate against members of protected classes and perpetuate historical patterns of discrimination. Legislation should also limit the extent to which companies can sell users’ information; this can help protect personal data by limiting the number of companies and other organizations that have access to it, and providing users with greater control over their information. For example, the California Consumer Privacy Act, which went into effect January 1st of this year, provides individuals with a “right to opt out” of the sale of their information, and requires that businesses inform people of this right. Such explicit guidelines on the collection, use, and sale of data also would obligate companies to affirmatively assess their systems enabling them to detect potential problems and preempt problematic data practices.
While use restrictions would reduce the onus on individuals to protect their data and transfer much of that responsibility to companies, it is also important that privacy legislation clarify users’ rights. User rights would specify what actions an individual can take to control how companies collect or use their data. Unlike notice policies, which only serve to inform individuals of what will happen to their data, granting rights to users would empower people to limit access to their own personal information and control how it may be used. As OTI has previously pointed out, giving users the rights to access, correct, delete, and port their data, would not only inform them of which entities have their personal information, but would also allow them to have real choices about practices surrounding their data.
Several recent bills also provide some examples of what user rights can be included in legislation. The Consumer Online Privacy Rights Act of 2019 would provide individuals with specific data privacy rights they can assert against private entities, including the rights to opt-out of the transfer of data, port their data, and delete and/or correct collected data. The Privacy Bill of Rights, introduced in April 2019, also includes specific user rights like rights to access, correct, delete, and port data. The Online Privacy Act of 2019 introduces rights to access, correction, deletion, and porting, as well as a right for individuals to review automated decisions.
Under a notice and consent legal framework, individuals today have no real choice in how their personal information is managed. They should, however, be able to exercise autonomy with specific user rights to their personal data. Additionally, entities collecting, using, sharing, and monetizing personal information must be held responsible for handling that data in a way that respects individual privacy. It is time to move away from the false promise of the notice and consent framework, and adopt a new privacy paradigm that ensures people have specific rights over their data, as well as imposes meaningful data use restrictions on companies.
Last updated: February 12, 2021
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Account means a unique account created for You to access our Service or parts of our Service.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Stachini.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Spain
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Service refers to the Website.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Website refers to any Steve Stachini related website, page, blog, post ect. accessible from http://stachini.com or any associated links., social media accounts etc.
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
First name and last name
Address, State, Province, ZIP/Postal code, City
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal data that is already associated with Your Third-Party Social Media Service’s account, such as Your name, Your email address, Your activities or Your contact list associated with that account.
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies: What Are Cookies?.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
The Company may use Personal Data for the following purposes:
To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
To manage Your requests: To attend and manage Your requests to Us.
For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.
We may share Your personal information in the following situations:
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
By email: firstname.lastname@example.org
By phone number: +34 634 325 196
Our Shop Information
First of all… Welcome 🙂
Thank you for your interest and support for our shop and products. Let me introduce you to the gang…
• Steve Stachini – Owner / Creative Director
Please feel free to contact me via WhatsApp +34 634 325 196 at any time with any questions or requests. I live to create and design for all applications, web, print, wrapping… and offer a wide range of art and graphic related products and services.
• Charity Stachini – Fashion Designer / Artist
Owner of Ji-ai Fashion House (Uganda/Spain). Specialising in authentic African design with a modern European twist. Part of the Madrid World Vision Fashion Show and currently collaborating on an exciting Bowie fashion range. Instagram @JiaiFashion
• Roberto Castillo – Professional Photographer / Drone Pilot
Professional photographer and licensed drone pilot. Taking charge of event, modelling and marketing photo and video productions. With his own business GandiDron, Roberto also works freelance for both private and commercial clients. A true brother!
Where possible we offer online tracking services. Shipping deliveries times vary from depending on location and products ordered. Estimated time scales are between 10 – 21 Days from completion of order processing time.
Buyers are responsible for any customs and import taxes that may apply. We are not responsible for delays due to customs or delivery services.
The time required to prepare an order for shipping varies. Please bear in mind the EVERY order is custom made and only produced when ordered. We do not hold any stock items.
File delivery is either instant or within 12 hours of purchase. Your files will be available to download normally once payment is confirmed.
We do not accept returns, exchanges, or cancellations. All items are made to order specifically for the purchaser so we cannot cancel any orders after an initial 24 hour grace period from the time of purchase. However please contact us if you have any problems or question. We are here to help.
Because our work is bespoke and made or printed to order. So as soon as you have placed your order, then both parties are committed to the transaction.
Yes, please let us know your requirements and we shall be happy to assist and provide for your needs.
Yes, we also fit bespoke wall art installations around the world at absolutely any size, to suit suit any environment, office spaces, homes, public areas, and we also vehicle wrap and much more.
Yes, I collaborate with both business and private clients for custom installations worldwide.
Yes, digital versions are available in different sizes. After purchase we will email you a direct download link which will contain the purchased file.
Your purchase will be recorded, registered and you will receive signed documentation from the creator Steve Stachini providing you with the permission of use details.
No, please allow 3-8 days for your product to be ready for shipping, then add the shipping time. This depending on your country and product ordered. However, we shall keep you informed as much as possible.
Yes we can offer matt or gloss high quality self adhesive vinyl prints, high quality paper prints, fabric prints and more, as well as PVC banner prints at the same price, please let us know at the time of ordering. Our self adhesive vinyl prints are suitable for indoor and outdoor applications.
We only use print media products from 3M, Hexis, Avery, Arlon, Oracol and isee2 – Only the best quality manufacturers.
Yes we can, however this adds a great deal of extra cost to yourself and especially for shipping which would be very expensive.
However, our framing technique is second to none, using our own devised aluminium system.
For reasons of cost to you, we advise sourcing a local framing service or simply mount the canvas over a solid sheet of wood. This works perfectly well, it is quick and easy, and gives a beautiful smooth finish.
ONLY with a certified, sign and registered document which we can provide. All the information comes with our Digital Downloads. Unauthorised use will result in legal action.
Need more information?
Have a request?
Then just contact us…