The European Union (EU) General Data Protection Regulation (GDPR) on the privacy of data came into force on May 25th, 2018. Since then, all the top technology firms across the globe have been rushing to make sure their maneuvers do comply with the terms and conditions associated with the GDPR law. The sole purpose of this law, originally passed in 2016, is to provide all the internet users with better control over their data and privacy. It is a replacement for the Data Protection Directive which was adopted in 1995 when the internet was in its initial stages. Let us understand what EU General Data Protection Regulation is and how it impacts our lives.
What is GDPR?
GDPR is a regulation in EU law for data protection and privacy of all individuals within the European Union. It provides you with extra control over how your information is collected and used and also motivates companies to validate everything that they do with it. While EU General Data Protection Regulation is from the European Union, it is also of great importance to businesses outside the EU, including the US.
Why is GDPR a concern for non-EU companies?
Users outside the EU are not subject to the regulation in most cases. However, a lot of businesses gather or use EU residence data. They may hire companies based in EU for services such as data processing.
The monetary toll is vertical for companies found to be violating the GDPR. Furthermore, a firm that does not comply with the General Data Protection Regulation can be penalised for up to 20 million Euros or four percent of their annual turnover, whichever is larger.
Why did GDPR come into existence?
The former regulations were written before the existence of smartphones and applications that started collecting an enormous amount of sensitive information for world-renowned companies like Facebook and Google. GDPR data protection provides structural guidelines on what they can and cannot do with the personal and sensitive data of a user. It also requires companies to clearly explain how your data is stored and used, and to get your consent before collecting it. It gives users further clarity over the kind of data being used and how companies can use it for their own personal purposes.
What data is considered personal data?
EU General Data Protection Regulation has an impact on all the sectors of an industry, but the hardest hit will be to those that hold and process a tremendous amount of consumer data. Along with this, the regulation also includes possessions like your name, phone number or even your username, your IP address, browsing history or location data. Even tighter rules are applied for sensitive information such as sexual orientation, health data, and political opinions.
How will it affect you?
With the GDPR coming into force we have the option to choose what data can be accessed by the company. This signifies fewer checked boxes and firms are compelled to use clear and simple language. Users also have the “right to be forgotten,” which means users can also request to have their data deleted. There have also been reports of companies shutting down or limiting their operations in response to the GDPR data protection. People also have the right to object to their personal data being used for certain purposes like direct marketing.