There have been various emails from biggest tech companies notifying the users of changes to their privacy policy and terms of service. This is not a coincidence. This Friday, a new legislation, which will deal with data privacy will go into effect in the European Union. This regulation will also check on how companies handle an individual’s personal data. This new regulation is called the General Data Protection Regulation, or GDPR for short. This new regulation will grant individuals some rights that will concern about their personal data. It will also stipulate a number of duties companies have regarding how they process that data.
What is GDPR:
The GDPR is an 88-page document that encompasses about 99 articles. These articles cover topics like the right to be forgotten, consent management, data probability, and protocols for handling data breaches. These new laws are applicable within the European Union’s borders. However, these laws are not very simple as they seem to be. For example, these rules are applicable only to those individuals who are in the EU. These rules are applicable to those users also who are just passing through on vacation. These laws do not necessarily apply only to EU citizens, so an Italian who is currently staying in India, the GDPR will not protect them.
These regulations will be enforced on any company that processes data on at least one person in the EU. It is not necessary that the company has a physical presence in European Union. One of the most drastic change that the GDPR is going to introduce is the severity of fines that it involves. Any company that will fail to comply with the regulation may be fined up to €20 million or 4% of the total worldwide annual turnover, whichever is greater.