The General Data Protection Regulation (GDPR) is a law that regulates how companies protect European Union (EU) citizens’ personal data. Approved in 2016 and enforced on May 25, 2018, the GDPR is intended to enforce a uniform data-security law for all EU members. This law governs companies that market goods and services to EU citizens. All such organizations worldwide are subject to the regulation, regardless of location. That means a potentially hefty impact on some of the world’s leading technology companies, including Facebook and Google.

The regulation replaced the Data Protection Directive 95/46/EC and was designed to strengthen data privacy laws across the 28-nation European Bloc. The aim is to protect the rights of EU citizens in the digital age by giving consumers control over the collection of their personally identifiable information. An individual’s ‘personal data’ is any information that directly or indirectly identifies that person. Personal identifiers include name, identification number, location, phone number and other personal information.

Key Policies:

Conditions for consent play a major role in the GDPR. Companies can no longer use vague or confusing tactics to obtain consumer information, nor can they bundle consent for different things at once. Instead, consent must be clearly requested for each individual privacy request. Organizations must also make it easy for consumers to withdraw consent. Minors under the age of 16 must obtain consent from a person holding ‘parental responsibility’ before opting in to data collection. Data breaches must be reported within 72 hours of awareness. The processor of the data must notify each individual potentially affected after learning of the breach.

The GDPR gives consumers maximum control over their data. Consumers in the EU can now access the data a company stores about them and see why and when it was used. EU citizens also have the right to contact companies and request that their stored data be erased, and they may transfer their information from one service provider to another.

Infringement Penalties

Organizations that breach the GDPR can face fines of up to 4% of their annual global turnover or 20 million Euros (roughly $24.6 million US Dollars), whichever is greater. Each fine is tiered depending on the severity of the offence. Because technology leaders make billions of dollars in turnover annually, these fines can have a big impact if an infringement occurs.

How does this affect technology companies?

Big technology companies like Google and Facebook cater to users worldwide, including in the European Union. In an effort to avoid infringements, companies are taking extra privacy precautions to ensure compliance. Facebook recently released new privacy tools. Facebook users will now see a new tool at the top of their News Feed displaying every app with access to their individual data.

So, what does this mean for you? Never assume that you are exempt from a data breach. Cyber attacks happen all of the time, so guard yourself. Regardless of the type of breach, change your password. This is one of the most important steps in keeping your information safe, especially for information like financial, health or credit card data. Never use the same password across multiple websites, and never use your Social Security number as a username or password (remember, Equifax was breached too). Always opt for additional verification options (if available) such as two-factor authentication.

Lastly, treat everything online with an abundance of suspicion. If you’re unsure of the legitimacy of a website, don’t go forward. If you’re in the market for a new website, use a trusted source like Confianz Global. Located just 15 minutes from Charlotte, Confianz is a technology company in North Carolina that offers an array of security features. They update their clients’ underlying software often and take preventative measures to avoid hacks or data flaws. What other web design company located 3 hours from Raleigh and 2 hours from Durham, NC can provide you with that kind of protection?
