You may be wondering why you have been receiving a series of emails from websites updating their privacy policies. Since the effect of the European privacy law known as the General Data Protection Rule (GDPR) last May 25, web giants like Facebook and Google among many others have been required to explicitly state the personal data they collect from users such as full name, IP address, browsing behaviors, and to what purpose the data is being collected. Users also have the prerogative to access the data being collected by companies from them, and to remove any data from all social media platforms and search engines under the “right to be forgotten” laws. Cyberattacks and data breaches experienced by firms are also to be reported within 72 hours.
The GDPR isn’t just limited to social networking sites like Facebook which actively gather information from users, but will also cover publishers, financial and educational institutions, ad-tech companies, apps, and retailers. While the law takes effect across the 28-member countries of the European Union, the GDPR also includes data processed abroad. Failure to comply with the GDPR can be fined for 8.8 million euros ($10.1 million) or 2 percent of a firm’s turnover for minor offenses, while serious violations could be charged for up to 17.5 million euros ($20.2 million) or 4 percent of a firm’s turnover, whichever is higher.
Europe’s new privacy law is just the beginning of a major shift from firms incentivizing from data collection to a consumer-centered environment where consumers are prompted to better understand how data is being collected and stored, and firms to take more responsibility handling user data. The implementation of the law is a timely initiative after the onslaught of data breaches and most recently the Cambridge Analytica scandal, in which data from 50 million Americans on their Facebook profiles were used during the 2016 US election.
The GDPR also encourages transparency and accountability among firms, and foster trust between consumers and firms that have access to their data. Users rapidly scrolling down and checking on the ‘I agree’ on the terms-of-service agreement page without even looking twice on the whole document was believed to have caused harmless effects, until data being placed out in the open in the internet became a source of political and radical surveillance without the user’s awareness. In an article from Wired, Nitasha Tiku writes that companies must now ‘take into account a consumer’s expectations of how their data will be used and can’t infringe on the other consumer rights guaranteed under GDPR.’
GDPR, however, does not solely depend on the firms and the policymakers’ efforts on safeguarding privacy and its usage. The data management industry is also seeing a rise on the demand for positions such as a data protection officer whose responsibilities include compliance of security measures and conducting regular security agents. More users are also exercising responsible internet usage, with growing interest in ad-blockers and VPNs. It’s a collaborative effort that will create major changes in the web and beyond. With the boom of digital economy, UK information commissioner Elizabeth Denham tells The Independent that GDPR ‘is a step change and a case of evolution rather than revolution.’
Stay connected and get in touch with the latest news and current events by ensuring that you get the best signal no matter where you go with a cell phone amplifier.