In a world where so much of what we do takes place online, data privacy has become a massive global issue.
If your company handles someone’s data, then your company has a responsibility to respect and protect that data. Global privacy laws are being strengthened all the time in order to protect citizen’s rights to privacy and to fight the scourge of cybercrime. The General Data Protection Regulations (GDPR) are simply the latest, and strongest set of laws, yet developed for protecting data.
The GDPR was produced by the European Union, but it affects businesses around the world that have any business with European citizens.
It was signed into law on May 25, 2018, and quickly became the template on data protection for many countries around the world. In fact, GDPR has kickstarted a wave of stronger data privacy regulations which have had a profound effect on online security for all of us.
The regulations are primarily concerned with personal data. That includes information like:
- Name
- Phone Number
- Date of Birth
- Address
- Race
- Religion and Political Opinions, and much more.
This is the kind of personal data that is very valuable to large companies and to cyber criminals too. Global giants like Facebook and Google have built empires by harvesting ordinary people’s personal data. They need to be pressured into using and storing that data responsibly, and that’s what these laws do.
In a nutshell, the GDPR tells companies exactly what they can and can’t do with your personal information, and imposes stiff fines on them if they don’t comply. For example, when British Airlines suffered a cyberattack that saw half a million people’s personal data stolen from their servers, they were hit with a fine of $230 million under GDPR law!
As internet users, each of us has the right to know what information has been gathered about us, and how our data is collected and used. You can also request that it be fixed if it’s wrong and even ask for your data to be deleted.
If your small business or website deals with EU citizens in any way, then the GDPR laws apply to you and you need to be aware of your responsibilities towards the data you are collecting.
Click here to find more information on GDPR compliance.