Sep 4, 2018 3:19:11 PM

What Is The General Data Protection Regulation And Should You Care?

Posted by Nick Chasinov


The General Data Protection Regulation (GDPR) is a package of new laws enacted by the European Union that outlines how and why personal data can be collected on individuals living in, or who are citizens of, any of the 28 EU member states.

With a GDPR compliance deadline of May 25, 2018, companies both in the EU and beyond have scrambled to update their privacy policies and data collection practices. This is because the GDPR has a wide-reaching geographical scope and broad conditions of what is considered personal data. The European Union defines personal data as: "any information that relates to an identified or identifiable living individual." Some obvious examples are your name and address, but the regulations also consider phone geolocation, cookie IDs and other mobile phone identifiers as personal data.

So while the GDPR is designed to protect the data privacy rights of EU citizens, the borderless nature of the online world means that virtually every business that maintains a web presence needs to make updates to its digital properties. As the owner of an internet marketing agency, I need to make sure all of our clients are compliant in their advertising and data collection practices. This requires us to audit how data is collected and processed, both online and offline.

The GDPR focuses on two fundamental principles. The first is that companies need your express, informed consent to collect your data. The second is that you should only need to share data a particular business requires to make the services they offer function.

How The GDPR Impacts Consumers

Since the GDPR is so far-reaching, its effects have led to sweeping updates of privacy and data collection policies on websites and apps around the world, resulting in changes for consumers here in the United States.

First off, unless you're a bona fide resident of an EU country, you can't actually file a complaint regarding violations under the GDPR. However, you can expect changes to digital properties and content you access on a daily basis as companies on both sides of the pond update their privacy policies to meet GDPR standards.

In the past, most websites used an opt-out policy regarding personal data collection. It was assumed that by using a digital service or simply navigating to a particular website, the user was providing their implied consent for broad-sweeping data harvesting, collection and even third-party distribution by the service provider.

The GDPR requires that consumers actually opt in to the collection of their personal data, including the collection of information like IP and email addresses, online transaction histories and device information. These same changes are now being implemented on a wide variety of U.S.-based websites, which in turn gives consumers greater control and increased transparency around what happens when they visit a website, download an app or use an online service.

How The GDPR Impacts Businesses

The most significant impact the GDPR has on U.S.-based businesses is the issue of consent, which is at the heart of these broad-reaching regulations. Companies like Facebook have already made extensive updates to their user interface in order to enable greater consumer control over personal data collection and sharing. Other businesses have done the same by communicating with their clients through a flurry of privacy-related emails and opt-in pop-up boxes on their web pages.

Another issue that the GDPR addresses is underage consent. It dictates that parental consent is needed when dealing with data from children under the age of 16, which means companies need to add an age clause in their privacy policies.

One of the most interesting aspects of the GDPR is the way fines and penalties are levied against businesses that are found to be noncompliant. Failure to comply will result in lofty fines of 4 percent of the annual revenue of the offending company, which in some cases can mean billions of dollars. For example, Google's parent company Alphabet could be fined up to $4.88 billion under GDPR laws.

How The GDPR Is Changing Social Media Sites Like Facebook

Facebook users will now see a more prominent alert in their accounts asking them to review their privacy preferences. The message is encouraging users to evaluate and select how Facebook can use personal information for advertising, as well as other opt-in features such as facial recognition. The message also gives users the opportunity to review and make changes to profile information. Facebook now goes into detail regarding how they collect and use data to make experiences more personalized. Facebook CEO Mark Zuckerberg said during a meeting with European Parliament members that the company doesn't want users to "just, you know, click 'OK' or 'no' on a bunch of stuff" so they can "get to what they were trying to do."

So should you care? Well, you should be happy knowing that companies are now more accountable than ever for protecting your privacy, and as time goes on, you will be even more protected as compliance becomes more standardized across your favorite websites.

I originally wrote this post for Forbes.
