What Is GDPR And Its Full Implications

The General Data Protection Regulation, which comes into effect in May, is the biggest shakeup of personal data privacy rules since the birth of the internet, the EU says.
It is aimed at curbing US tech giants like Facebook, but sole trader plumbers and window cleaners could face crippling fines if they fall foul of the law. Here's what you need to know.
What is GDPR and when does it take effect?
The General Data Protection Regulation is a piece of EU legislation passed by the European Parliament in 2016.
It is enforceable in all EU countries from May 25, 2018.
Punishing fines for data misuse and breaches can reach £18million or 4 per cent of global annual turnover, whichever is higher.
The GDPR aims to make it simpler for people to control how companies use their personal details.
Strict rules mean companies will not be allowed to collect and use personal information without the person's consent.
Data includes things like a person's name, email address and phone number, and also internet browsing habits collected by website cookies.
Firms must also report any data breaches - including cyber attacks and accidental leaks - to authorities within 72 hours.
Individuals can demand a copy of all data held about them, which must be supplied within 30 days.
And in some cases they can ask for any data to be deleted in a formal "right to be forgotten" law.
Privacy campaigners have hailed the regulation as a new step forward for online rights, but small firms are furious about the burden of complying with the law.
Will GDPR still apply after Brexit?
The government says the same rules will continue to apply after the UK formally leaves the EU.
GDPR standards will soon be enshrined in UK statute in the Data Protection Bill currently going through Parliament.
Ministers say this will help companies prepare for Brexit as it will mean British law is aligned with the rest of Europe.
Officials say it would be harder to trade if the rules were different on either side of the Channel.
The GDPR will apply to any company offering services in the EU, regardless of where it is headquartered.
What does GDPR mean for businesses?
With just over 100 days until the rules came into force, a government study showed only 38 per cent of British firms were even aware of GDPR, let alone ready to comply.
Business groups have said companies will have to spend £1.2million each on average to prepare for the complex rules on data processing.
Many do not currently track their data processing in a way that complies with the new rules.
And if they have sought consent from customers to collect data, often the records are out of date or the consents do not meet the GDPR standards.
Facebook and Google are among the firms likely to be most affected by the changes.
They make money from people's data by using it to target advertising at their interests.
Retailers, insurers and banks are also likely to have to make the biggest changes to ensure they comply.
In January 2018 Facebook published a post detailing its "privacy principles" for the first time.
Erin Egan, Chief Privacy Officer at Facebook, said that the principles "guide our work" and the company wants to give users "more control of your privacy".
The guidelines state: "We recognise that people use Facebook to connect, but not everyone wants to share everything with everyone – including with us."
Users in EU countries will get video guides in their newsfeeds teaching them how to control their privacy and advertising settings.
Critics said the social media giant - with two billion users - had been forced into the move by GDPR and the guidelines "crib large chunks" of the EU regulation.
Small businesses and charity fundraisers face a major headache as most do not have the resources or expertise to make sure they comply with the new rules.
Last year handymen, gardeners and window cleaners were warned they could be fined if they try to drum up business by sending an email.
Potential customers would have to have given their explicit consent to each possible use of their personal information by ticking a box online or filling out a form.
Mike Cherry of the Federation of Small Businesses told The Sun: "Many small businesses are already straining under the burden of the current data protection regime and some will be having sleepless nights thinking about how GDPR will add to this."
Some firms fear they will fold if hit by fines.
THE General Data Protection Regulation, which comes into effect in May, is the biggest shakeup of personal data privacy rules since the birth of the internet, the EU says.

Comments

Popular posts from this blog

Check Out The Best Spy Software For Cell Phone In 2018

Hardware Zone Forum hit by security breach and profiles affected

How To Protect Your Data From Ransomware