The digital world is slowly taking over various industries, and many companies are flocking the internet to take their businesses where there are the most customers. It has never been easier to build a following of customers online. However, the threats online have never been more aggressive as well.
According to Gemalto, there are 7,125,940 data that are compromised each day in 2017. To break it down, that’s 296,914 compromised records every hour, 4,949 every minute and 82 every second. Various countries are beginning to take steps towards the security of customer information, and the European Union (EU) is about to make progress.
Come May 25, 2018, the General Data Protection Regulation (GDPR) will be in effect in all 28 states of the EU. The new law hopes to “harmonize data privacy laws across Europe,” according to its website.
The European Parliament adopted the GDPR in April 2016, and it will replace the previous data protection regulation called the 1995 Data Protection Directive, CSO Online reported. The new regulation will require businesses and companies to protect the data and privacy of EU citizens that make transactions within the confines of the member states. Other than that, it also takes into account personal data that are exported outside the EU.
There’s nothing wrong with streamlining the standards across all companies in the EU, but the GDPR has been scrutinized for setting the bar too high. Some have also said that its provisions will obligate companies to make certain investments and improvements first.
Key provisions in the GDPR
To begin with, the GDPR’s impact will be felt throughout many industries. Social media websites like Facebook and Twitter will need to immediately adhere to the regulations, per MarTech Advisor. Other affected companies are retailers, political organizations, and banks with online outlets.
For those outside the EU, the provisions under the GDPR will apply to companies that have a presence in any of the member states and companies that handle accounts of European citizens. Additionally, the GDPR will also apply to companies that have more than 250 employees. If a company has less than 250 employees, it will still apply to them as long as their data processing affects the rights and freedoms of data subjects in the EU.
One concern of companies within the scope of the GDPR is that they’ll have to appoint a data protection officer (DPO). Those required to appoint a DPO are public authorities, businesses that keep or handle a great quantity of EU citizen data, and those that specialize in checking data subjects.
DPOs can come in the form of an individual or a unit of specialists. Businesses are not allowed to interfere with the work of DPOs, and doing so will result in a fine. Additionally, the failure to appoint a DPO will also lead to a fine.
The GDPR also enhances the rights of customers to their data. Specifically, they will now have the right of access to their personal data, a right to correct inaccuracies, a right to have their data erased in certain cases, a right to restrict processing of their personal data, a right to transfer the data from one device to another without the interference of a data controller, a right to object to data processing and a right not to be subject to automated processing, including profiling (Right to No Profiling).
Businesses are also required to inform their customers about what they do with the data they collect, and the details must be expressed in clear and simple language.
Another key provision in the GDPR is that it has an extra-territorial effect. Regardless of whether or not the business’ server is inside the EU, the provisions in the GDPR must be adhered to as long as the services or goods are being offered to EU citizens. This means non-EU businesses that process the personal data of the said citizens must adhere to the new standards.
The GDPR outside the EU
Its extra-territorial effect is worrying businesses outside the EU as well. According to a report by Ovum, about two-thirds of companies worldwide anticipate that they will adjust their business strategies to comply with the regulations. Furthermore, 85 percent of U.S. companies believe that they are at a competitive disadvantage over European companies.
A PwC survey says that 68 percent of American companies are expected to spend about $1 million to $10 million to meet the new standards set by the GDPR. On the other hand, 9 percent are expected to go beyond $10 million. Unless they meet the standards, they can say goodbye to the European market.
The GDPR is great as it provides improved security and privacy for the personal data of consumers. After scandals like the recent Facebook-Cambridge Analytica issue, people are more concerned than ever for their information online. Despite its huge advantage for citizens in Europe, its high standards are definitely going to be felt by businesses in and out of the EU.
Pet cleanup charges take many travelers by surprise
From rental cars to hotels, the travel industry is now actively charging customers for pet cleanup expenses.
Agriculture markets rally as China looks at TPP compliance
China passed a law on Friday protecting foreign investments and investors. This had been a key demand from the US...
How the building envelope impacts your property investments
The building envelope is the barrier between indoor and outdoor environments. Here’s how it plays an important role in your...
What indicates the start of a bull market run?
Predicting the stock market is difficult. If it were easy, there would be a lot more millionaires in the world....
Boom and busts: Monetary inflation stemming from fractional-reserve banking
This was a constructive week for the Dow Jones, up 1.49 percent in the BEV chart.
- Sponsored2 days ago
White Label Liquid (WLAB) is the custom producer CBD investors should keep an eye on
- Featured5 days ago
Co-working: The office space trend that keeps expanding
- Entrepreneurship5 days ago
How to use Facebook Marketplace ads to quickly boost your income
- Entrepreneurship3 days ago
3 ways to improve your social media storytelling