What Does GDPR Mean for You
The GDPR: 5 Questions Answered in Real People Language
You’ve probably seen a few announcements about privacy policies, signed some new privacy policies and even changed your settings using a new tool. If not, you will soon. Privacy has always been a hot topic, but it’s going to be talked about even more in the next few months. You have the new General Data Protection Regulation (GDPR) to thank (or blame — depending on your perspective). However, the law can be confusing, especially the official version of the regulation.
What Exactly is the GDPR?
It’s a new privacy regulation passed by the EU Parliament that provides very strict guidelines (and very hefty fines to companies) on handling users’ data. The GDPR has been in a two-year transition period and will be enforced on May 25, 2018. One of the goals was for all countries in the EU to follow the same privacy regulations.
The GDPR includes a number of regulations for companies (check out the key points here), but the overall goal is for people to be more informed and more in control of their personal data. One of the biggest changes is that personal data now includes more than it used to — location data, online identifiers and metadata are now considered personal data.
Is Everyone in Favor of the GDPR?
No. Some businesses and privacy experts are not happy about the new law. One concern about the GDPR is that the way it can be written leaves the regulations open for interpretation. Emarketer reported that PageFair is taking a literally interpretation while ad retargeting companies are assuming that web-browsing data does not count as personal data. International News Media Association also points out that GDPR l may also give Facebook and Google even more control over digital media. Additionally, the GDPR may hurt publishers that rely on ad retargeting. According to to CyberWorld magazine, another point of controversy about the GDPR is how the EU can make companies not located in the EU comply with the regulation.
If I Don’t Live in the EU, the GDPR Doesn’t Affect Me, Right?
No. The GDPR will likely affect you. The regulation doesn’t apply just to companies in the EU or people in the EU. All companies that handle EU citizen data will have to comply, at least for EU citizens. And it would look pretty bad if a company took fewer precautions with some customers’ data while protecting others’. It’s expected that most companies that have to comply will do it for all customers. And because the internet has made the business world much more global, its likely that at least several companies you do business with be affected.
Does this Mean My Data Will Be Safer?
Probably. One of the ways companies will comply and keep custody of customer data is through higher levels of encryption, known as pseudonymization. This means storing the data and the encryption key in separate places. Additionally, you now have to be notified within 72 hours of a breach, which means you can take precautions sooner.
Am I Going to Have to Sign More of Those Confusing Privacy Policies?
Yep. But the good news is that, hopefully, you will be able to actually make sense of the new privacy policies. The GDPR specifically states: “the request for consent must be given in intelligible and easily accessible form, with the purpose of data processing attached to consent.” And a few sentences later, the new regulation even uses the words “clear and plan language” in reference to new privacy policies.
Because no company wants to pay the hefty fines for violating the GDPR, look for education campaigns about privacy — especially from social media platforms. Facebook got a head start on the May 25 deadline with videos (using cartoon chameleons) about privacy topics and letting EU users know about the privacy check feature. To make it easier for users to manage their privacy, Facebook is also launching a global privacy hub. Now all of the privacy settings will be in a single place and most likely offer more control of the data than before.
The bottom line — GDPR is a big shift for companies and no one wants to pay the expensive fines. It will be interesting to see how the new policy plays out in reality. One thing is for sure — expect to hear much more about GDPR in coming months as we learn more about the impact of the new regulation.
https://blog.datum.org/what-does-gdpr-mean-for-you-f3ad8f3014f0
