(The following is an opinion piece submitted by guest blogger, Elspeth Rushbrook.)

On being asked to choose between unpalatable terms and privacy laws
and receiving your dues

This matter comes up in more than just artist related issues, but I’ve most recently encountered it in collecting royalties.

Whatever kind of artist we are – whether visual, or creating in another way – royalties are much of our lifeblood. I recently received payment for a share of general royalties, just for being in the scheme.

I applied to join the UK Design and Artists’ Copyright Scheme, where you gain royalties for the use of your artwork – in magazines, on television, for designing a book cover...

My issues with DACS were several.

Illegal cookies: this is too prevalent. A banner on a website which says: ‘by continuing, you accept’ is wrong. We have been given no meaningful opt out. Some even say – ‘cookies have already been set, just by your landing here. Even if you leave immediately (I often do) we’re still tracking you’.

A link to more information which lists the cookies – and most sites have a huge list – and tells you other sites to visit to learn more, or how to adjust cookie settings in your browser, is not enough.

You must be given a swift on/off cookie choice, that allows you to reject and to save that choice whilst you’re on the site (and not longer).

I question the need for all non functional cookies, and the right of anyone to place things on our device and track us and analyse us. Marketing these days is most unethical, and is not acceptable.

These cookies can be used by more than marketing and is intrusive and unnecessary.

I urge readers not to accept cookies, in either sense.

As part of applying, we are asked to accept this cookie policy as part of their more general privacy policy, but this isn’t given to us. If you download the application form, the policy isn’t included, and yet you’re meant to find it and agree to it – and most dubious – unnamed future changes.

I am less and less comfortable with the information I put online – both uploading from my computer, and what I type in. I’ve learned about data canvas imaging. I wonder how much – even when signed into an account – can be seen and used by other parties. And I don’t just mean who’s watching you in your home or on the bus. I have an app which shows and blocks 3rd party cookies and trackers. I’m appalled by their length and prevalence, and especially by the behaviour of Google and Facebook, which I won’t use, but who creep into other sites and track you anyway.

DACS admits that the internet isn’t secure and that they have no control over the 3rd parties they invite to be present on their website (p5 of their privacy policy – clauses aren’t numbered).

DACS’ privacy policy wants me to give permission for my data to go outside the EU. Considering the huge fuss over last year’s European data protection law, the GDPR, I cannot believe that more than one UK company has tried to impose terms which relinquish our right to the protection of that law. (GDPR doesn't protect as much as we’d expect). The policy doesn’t say that I’ll be consulted or even notified. I cannot think of a reason why my data (a word I hate, I’m not computer fodder) should leave my country. If it had said, it’ll leave to collect your worldwide royalties, in accordance with strict rules that at least match Europe’s latest, I would have assented. But it gave no such qualifying reassurance, and nor did I get it when I wrote and asked.

I do not see why a country specific organisation's servers should be outside that country, or even continent, as DACS claimed theirs might be.

I have an especial objection to sensitive data. As with anything personal – such as biometrics and our intimate life – it’s not just how it’s looked after, it’s that it’s ever asked for in the first place. That DACS feels the need to ever have it in any circumstances was disturbing. Yes, that includes equal opportunity monitoring. I always refuse that information and encourage others to, too.

DACS were vague about marketing and did not list their other companies, and again cited fraud and their interests as reasons to share our data.

If you download rather than upload, you have a long form with colour pictures to print at your own expense. One page is all about their terms. DACS won’t let you shorten the page when you print it, for they want to know you’ve signed without redaction or amendment. There’s no negotiation around these terms – it’s say yes to all, or lose out.

This is also a double bind – consent is required, but it can’t be coerced or qualified.

How is that consent any more meaningful than those cookies?

DACS wouldn’t allow me to say to them – ‘if you process this, you are deemed to have accepted my provisos’ but they did pressure me to quickly and fully comply with all their terms.

I don’t enter unequal partnerships.

Other UK royalty schemes were also heavy about fraud. Yet DACS privacy terms (page 3) are more about self protection than our protection. They keep using the phrase “our legitimate interests” but this is an undefined blanket term.

As I’ve found out, companies can refuse our new ‘right to be forgotten’. I have queried this, as I examined the GDPR and thought I qualified. But the office set up to ensure our rights and that procedures are properly done – the ICO – isn’t good at complaint handling or enforcement.

So by giving over my details – my date of birth, full name, bank details, address, and list of my work – I give DACS things of mine, to hold and to share, which I perhaps can’t withdraw. Even if I resign from the scheme. I’ve had this issue with other companies who wouldn’t investigate, didn’t compensate, and still wouldn’t rub out my details – even though I wasn’t a member of anything, nor had I signed anything.

This is a serious matter – no should mean NO. GDPR affected worldwide data and caused lots of work for companies and mailing lists. Why make a law and then be able to find excuses to ignore a specific, clear written request? Hence my care in what I give and my vehemence in insisting upon my right – and yours too – for deletion and to be in control of who knows and holds what about me.

DACS also asks me to hold them harmless and indemnify them. A common clause, but not one that should ever be in any contract. It’s unclear which use of indemnify they mean – are they exempt from legally compensating us – or are we saying we’ll compensate them?

I’m perturbed by how often lawyers try to take away our legal rights.

They use the word ‘reasonable’ but it’s vague as that can be argued. I’m already aware that law likes to argue to protect itself, rather than in the interests of public justice.

Our legal rights should be inalienable and I question the integrity of any company who tries to remove them, and of any lawyer who writes a contract removing them.

And finally – yes, all this matters. Because it’s about individual rights over corporate rights. It’s whether places we should be able to trust to get us what is ours require an inestimable trade off.

Your money – your compensation – or your life – its details, under our control. Not yours.

It’s about whether laws really protect us or are meaningless. It matters who can see and know things about me. My autonomy, my freewill matters – and so does yours.

Elspeth Rushbrook is an author, artist and musician elspethrushbrook.webs.com