General Data Protection Regulation (GDPR)
On the 25th of May 2018, GDPR became law. GDPR replaced existing laws protects the rights of EU citizens.
The new General Data Protection Regulations exist to protect us all. For years legitimate and criminal organizations have been misusing personal data. The so-called legitimate businesses buy and sell personal data. Companies use the data for marketing purposes, including traditional mail campaigns, telephone marketing, and unsolicited commercial email (SPAM).
Gathering information has been underhand and dishonest using default opt-in settings on web pages and making the user opt-out. Options to share data with “trusted partners” means selling personal data to the highest bidder.
Users will have to opt-in to sharing their data and companies won’t be able to assume one opt-in means the user has opted-in to sharing all their data for life. Organizations will have to disclose if asked what data they have stored about an individual and delete it if requested.
Companies are responsible for keeping personal data safe. We have all seen stories in the news where government agencies and the police have lost data by leaving a laptop on a train or having it stolen from a car. Laptops and memory sticks are especially vulnerable and need encryption.
GDPR in the real world
These new regulations are going to be a legal minefield of conflicting interests where tax law and GDPR conflict and where the practicalities make compliance very difficult.
There will be problems where requests to remove backed up data are impractical and it is restored unintentionally.
Individuals won’t know who holds their data because of past abuses.
Corporate lawyers will be rubbing their hands as GDPR will be a real money-spinner.
Criminals won’t take any notice of this anyway as most of them operate outside of Europe and they are criminals so ignore the law. So don’t expect the SPAM and marketing materials to stop.
The government say the system of fines won’t be the first resort to ensure compliance.
It seems unlikely the government will have the resources to enforce this on day one, if ever.
Visit the official EU GDPR website
For help with GDPR compliance
Telephone: 01525 540041 or 020 33271747