A Brief History
On May 25, 2018, the General Data Protection Regulation (GDPR) became enforceable. In this day and age, more and more of our personal data is stored online, across the large number of websites we visit. More of our information than ever before is owned by businesses. Usually, that data is used only for marketing purposes, so businesses can tailor their strategies directly to individuals based on their preferences and browsing history. Everybody has experienced this at least once. But sometimes that data can be misused with other, more malicious intent without you even knowing it. In order to eliminate those abuses and reinforce trust and security online, the EU enforced a regulation called GDPR.
What is GDPR?
In 2012, the European Commission started working on a data protection reform that would be applicable across all states that are part of the EU. Only in 2016 did they manage to reach an agreement regarding data protection and online privacy, with the purpose of giving users more control over their data.
As part of that reform, the General Data Protection Regulation (GDPR) was created. The regulation was implemented not long ago, on 25 May 2018, and because of that, understanding what GDPR is and how it works matters a lot, whether you are a business or a natural person.
Since GDPR is a regulation, all of its rules are directly applicable in all EU member states, affecting all of the businesses and individuals present within the EU. The regulation is meant to give EU citizens more control over the usage, retention, and movement of their personal data.
What does being GDPR compliant mean?
This regulation is strict, and because it affects not only EU and European Economic Area (EEA) members but all organizations doing business with EU individuals, it is important to be GDPR compliant in the years to come.
Before the implementation of GDPR, the misuse of personal data was barely punished, but since 25 May 2018 the penalties are very serious. Any EU organization that is not GDPR compliant risks fines as high as 20 million Euro or 4% of the annual turnover, whichever is greater.
According to the GDPR, all organizations and companies that collect and manage data must gather all of the information legally and protect it from abuse while respecting the rights of the individuals. Failing to do so will result in the penalties mentioned above.
With that said, business owners operating in the EU should make not only their websites but also their apps GDPR compliant as soon as possible.
Because of the nature of GDPR, all of the rules presented in the regulation are directly applicable across all of the member states of the EU, allowing for quicker and better implementation. GDPR is undoubtedly the most important law released in the last 20+ years regarding data privacy on the internet.
All EU individuals have full control over their data, regardless of what EU state they are part of, and regardless of what website or application they access. All organizations must be fully transparent with their users, and responsible with the data collected. With that said, GDPR constitutes the beginning of a new internet era.