Has your inbox been flooded with emails about changes in privacy policies? I know mine was. All of those emails stem from the start of the General Data Protection Regulation, AKA GDPR. So what exactly is it and how does it affect you?
The GDPR is a legal framework meant to protect the personal information and data of European citizens for transactions happening within EU member states. Thus, all companies dealing with EU citizens’ information are bound to it, even if they don’t have EU headquarters.
The GDPR replaces the old 1996 Data Protection directive, mainly because of the quick changes happening due to the digital age. The former instruction fails to address new data concerns in the digital world, it was fine in 1995, but outdated by 2019 standards.
For EU consumers, the GDPR ensures their right of erasure, AKA, their right to be forgotten. This means that an EU citizen can request their data to be removed. On the other hand, it also helps consumers to know when their data has been collected and whether or not they can opt out of it.
Businesses dealing with EU customers had two years from 2016 to 2018 to make their databases comply with the new regulations. The deadline was October 2018, hence the multitude of emails in the later part of the year. As for US-based consumers, it doesn’t change much. Except to serve as a reminder that large digital corporations undervalue our privacy. However, stay tuned as states, like California, introduce privacy laws similar to the GDPR.