What is GDPR | GDPR Compliance
GDPR is a new group of European regulations that govern how the businesses and institutions manage your personal data. The GDPR Compliance Rules are active w.e.f Friday, May 25. So, all the companies all over the world are just trying to get their policies in place with the GDPR provisions.
As a business, GDPR for you definitely is something much more than just changing your privacy policies. These rules will have a tremendous impact on almost every business industry, not just technology or marketing. And though the laws only cover EU and its citizens, the effects of the regulations will surely extend far beyond just Europe.
What is GDPR Compliance?
GDPR Compliance, or the General Data Protection Regulation Compliance, is a set of regulations that puts in place new restrictions on how companies should handle our personal data. There are a lot of guidelines and requirements that fall under these rules (which is covered in the post later), the ultimate goal of GDPR is to provide the users more control over who has access to their data and how that data can be used.
The GDPR rules will be valid for all organizations, from small to large businesses alike. Restaurants, retailers, airlines, and other companies we don’t typically think of as having any substantial personal data are also required to comply with the given regulations.
“GDPR Compliance” rules can be simplified into 4 major points:
- The right to know what data a given company has about you, and what it’s used for
- The right to know if your data’s being shared with other businesses
- The right to access your data and use it somewhere else (referred to as “data portability”)
- The right to, in some situations, have your data erased
GDPR also places a few guidelines on the internal operations of a company. One such rule mandates that companies notify users of any data breaches within 72 hours of discovering the issue. Some category of companies are also required to appoint a Data Protection Officer, who will be overseeing an organization’s efforts to comply with GDPR rules.
Some newspapers website and also cable television network A&E, have actually obstructed European traffic because of GDPR.It appears that newspapers like the LA Times and Chicago Tribune are GDPR non-compliant, so all website traffic from Europe is hitting this wall.
While most of these disturbances will be temporary, it’s unkown how much time it will take before they’re back to business as usual in Europe.
What happens if companies don’t follow GDPR Rules?
Fines for damaging GDPR compliance rules could vary from written cautions to large penalties, depending on the certain guideline in consideration.
For the most serious offenses, organizations can be liable for fines as much as EUR20 million or 4 percent of their overall earnings, whichever is higher.
For a multibillion dollar firm like Facebook or Google, that adds up to numerous millions of dollars. Not every GDPR offense calls for the steepest fines, which are scheduled for “the most major infringements,” yet even relatively smaller sized penalties could be potentially tragic for smaller business.
So GDPR Good or Bad?
Although businesses have had two years to bring their policies up to GDPR compliance standards, the transition hasn’t been so easy for every organization. While many businesses have been drastically emailing customers about adjustments to their terms or service, some have adopted other extreme steps to comply.
For example:- Instapaper, the “review it later” solution provided by Pinterest informed consumers that it was briefly stopping briefly all service in Europe due to issues with GDPR. Inbox-Cleaning app Unroll.me also halted its operations in wake of GDPR, as it has slammed for opaque privacy policies.
I don’t live in Europe, why should I care about GDPR Compliance?
Even if you don’t reside in Europe, GDPR could still impact you in many ways. If you run a business that has clients in Europe, you still should adhere to GDPR Compliance Rules, even if you’re based in the United States.
However even if you’re not a business owner, you’ll likely still really feel the results of GDPR compliance somehow. Besides the over running inbox notifications, some business are choosing to make new privacy controls offered to everybody, not simply Europeans (Apple’s brand-new personal privacy page, as an example).
All these GDPR notifications from sites you have not visited in years points to a conclusion- Nobody erases the data once they get your information.
Other, long term, results of GDPR are much less clear. Many experts have actually said the steps will make it harder for business to do business. Others have speculated the regulations could transform the business economics of internet-based business that count on advertising dollars. Some wish it will certainly make business a lot more accountable so we’re able to avoid future Cambridge Analyticas.
For now, though, possibly the most significant effect of GDPR compliance is that it acts as a reminder of simply just how much information companies carry about us. As programmer Chet Faliizek mentioned on Twitter- “The fact that we’re jointly getting numerous GDPR-related notices reveals simply the amount of companies are keeping data on us.”
While these practices are not likely to transform outside the Europe drastically, at least in the short-term, GDPR might just tell everyone to really stop as well as think about their online privacy in the first place.