The General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a new regulation in the EU (European Union) that protects data for people in the EU. It goes into effect on May 25th (2018). This is huge news for the internet. It means that internet users (in the EU) are gaining more control over their data, how it’s collected, how it’s stored, and whether or not they want it collected to begin with.
After Facebook’s Cambridge Analytica data breach, this new regulation comes as a breath of fresh air. While this regulation affects only the EU and companies who do business there, it’s the beginning of a new era of internet protection. Yes, the GDPR will affect American businesses.
Since the dawn of the internet, laws and regulations that protect internet users have been mostly non-existent. Which has allowed many companies to take advantage of people, and blatantly disregard their responsibility to protecting people’s data (ex: Yahoo, Adult Friend Finder, Twitter, Equifax, eBay, and Adobe). Some of these companies weren’t held accountable for the data breaches.
How can you be prepared?
As the internet moves forward, it’s important to have plans to be GDPR compliant, including having a privacy policy, and even a checkbox on the contact form that says it is okay for your data to be stored, even if you’re not doing business with people in the EU specifically because an EU visitors can still go to your site and complete the form, which is a violation in the law (an unlikely situation, but something to be prepared for), and an EU visitor who comes across a US business site (like when they’re on vacation in the US) still need to be protected by the GDPR.
Contact JC Sweet & Co. today with any questions or concerns!