With so much hue and cry over data protection and privacy, there is a new law that goes in effect from May 25 in Europe that will also affect a lot of users and businesses around the world. It goes by the name of GDPR, a.k.a. General Data Protection Regulation. For starters, this will be effective in Europe across 20 countries, but eventually, it might just be a blueprint for many countries in Asia as well as the USA that plan to make data privacy for users their utmost priority. In 2017 alone, the number of malware and ransomware attacks on various servers did give us a warning sign of how this so-called fourth industrial revolution will shape the world in which information has become synonymous to power. Cambridge Analytica scandal was probably a nail in the coffin. But GDPR is not something of a knee-jerk reaction by the European Union. It has been in the making for a while now, and all these malicious attacks and misuse of user data have just proven how it has become necessary to keep a check on companies that thrive their business on user data. At News18 Tech we try to answer all the questions you might have regarding GDPR.
What is GDPR?
The GDPR (General Data Protection Regulation) law will be implemented starting May 25, 2018, in Europe. It is a replacement for the 1995 Data Protection Directive. The Data Protection Directive till now has been used for setting the minimum standards of processing data in European Union. It was quite basic and there was a need to make it more stringent. The GDPR implementation promises to strengthen a number of rights that users will have over companies that rely on their data. Post-GDPR individual users can demand companies like Facebook, Google, WhatsApp to reveal or delete the personal data they hold. This will also be a pan European Union regulation that will help regulators to work in across the EU for the first time. Earlier regulators had to launch separate investigations in each jurisdiction. This most of the time gave companies loopholes to exploit and the enforcement of these regulations was tough. The minimum fine upon breaching GDPR is also reaching as high as 20 million euros or 4% of the companies global turnover. This is harsh for many companies and tech startups and will ensure that individual data protection compliance is kept at the highest priority by these companies.
What All Companies Are Covered Under GDPR?
In effect from May 25, GDPR will almost affect every company that you can think of. The biggest to take a hit would be companies that hold or process large amounts of consumer data. These will include your e-commerce websites like Amazon, tech companies like Facebook, Twitter, Google and even firms, marketers, data brokers and social farms that work for other companies for acquiring or processing consumer data. With huge sums of data, even complying with basic requirements of the GDPR will pose a huge task for many companies. Many companies right now don't have or have even implemented the tools for collating all the individual data that they hold on a user. This makes it a massive cleanup or reorganising of data for these companies.
The biggest impact of GDPR will be on firms and companies whose entire business model relied on acquiring consumer data and exploiting it for revenue gains. Now these companies will have to ask for consent from users whose data they hold and specifically tell them the purpose for which their data will be used. This consent will also have to be taken every time these firms try to use the data for some other purpose than previously agreed upon by the individual.
Also Watch: Vivo V9 Review: First Android Clone of iPhone X in India
What Happens To The Big Tech Companies?
Companies like Apple have also put in a new privacy dashboard and also gloated that they never really collected any personal data from its users, unlike their competition, so they didn't have much to comply with GDPR. Google on the other hand, which in a way controls the maximum user data in the world, went into a ninja mode to quietly update its products and privacy policies. I bet many didn't even notice how subtly Google did that.
Microsoft's India's President, Anant Maheshwari, recently wrote in a blog how, in February of 2017 Microsoft had announced that they would be GDPR compliant across our cloud services by the deadline. He wrote "We embraced GDPR proactively. It is also a matter of great pride that we have helped customers round the world be GDPR-ready ahead of time."
Also Watch: OnePlus 6 First Impressions
What does it Mean for Users?
With GDPR in place, users will have the power to hold many of these companies accountable for how they are using your personal data. This also makes the users way more powerful in front of many companies that play on big data analytics. Users can choose to have data blockers or even delete their data from many online apps, services and sites. They can also, at any time, choose to request their data from these companies and also choose to give or not give consent. So in effect, the users will be more powerful than the companies and the big data crunching companies will have to take its users seriously.
What Happens to my Old Data?
The information commissioners across the EU have your back. The new powers given to them post GDPR, companies will have to be very cautious about using your old data. This is also in a way bad for the startup ecosystem as many new startups might struggle to persuade users for their consent on personal data. For big companies, this might not be as much as a problem.
Will GDPR Work?
Like every law worldwide there are always loopholes that these companies can and will find in the upcoming months and years. But, considering what we had earlier in terms of data protection of users and GDPR, this is a massive upgrade in terms of data privacy laws. In the coming months, we won't be shocked to see many lawsuits between companies and users, and even between companies that do business together.
Don't Forget to Subscribe to the 'Tech And Auto Show' YouTube Channel
What About Indian Users?
Right now, starting May 25 the GDPR applies only to the European Union. Indian users will not come under this as for now. Also, for many global tech giants like Facebook, Microsoft, Apple etc this is a massive Public Relations opportunity. Most of these companies in terms of usage and privacy policies are global. That's one of the reasons why you must be seeing so may updates and permissions pop up every week when you open your Facebook App or even WhatsApp. They have included compliances that are mentioned in the GDPR but with a clause that it may differ from other jurisdictions, like in India, GDPR will hold very less significance as compared to what it holds in the European Union.
What Should India Learn From GDPR?
The GDPR is a very proactive step by European regulators when it comes to protecting individual data from big companies that thrive on user data for profits. India is the second most populated country in the world with an estimated 500 million users by June 2018. These 500 million people are still young to the concept of privacy and data, which makes the Indian market a soft target for big tech giants when it comes to exploiting user data. GDPR can be a blueprint to be used by the Indian regulators and lawmakers to safeguard the data of many Indian who love to use apps like Facebook, Twitter, Snapchat and even swipe those candies on their phones.