The General Data Protection Regulation (or short GDPR) is law regulation that protects the data of the individual citizen of the European Citizen. It is a law framework prevents companies and corporations from collecting and using an individuals data and sets guidelines for it to do so. If a company is caught collecting data for personal profit, they will be fined revenue. It sets principles for data management and the rights of the EU citizen.
The GDPR cover all companies that deal with the handling of data of the citizen. Financial companies, banks, and insurers are expected to comply. The GDPR was first introduced in April 2016 and came into effect as law on the 25th of May 2018.
The GDPR and Protection of Data
The GDPR is an addition to the already in place trend of protecting citizen’s data. The GDPR requires data collectors to:
- Notify if they are collecting data and if misuse is found, they will be fined.
- Notify if data is being used and notify if data has been hacked or is at risk of being hacked or stolen.
- Obtain explicit consent from individuals if data is to be harvested for use
- Assign data protection officers to ensure the integrity of data
- For foreign companies to continue operations in The EU, they must offer a huge investment of compliance with the EU regulations. Companies outside of the EU dealing with data of European citizens must also abide with the GDPR.
Effects of the GDPR
The GDPR requires companies to pseudonymize personal identifiable information before they acquire it for processing. This prevents companies from linking the information they have with any individual. This pseudonymisation of personally identifiable information enables companies to analyze large amounts of data assessing the debt ratios. Before the GDPR, the information gathered might be used for more information unassigned purposes which are separate from assessing the credibility and quality of a loan
This will also eventually lead to the minimization of data that is that a company harvests for a particular use. Often, the company harvesting the data will use the data for more undeclared purposes. The GDPR will force use of data beyond it’s intended use.
This takes on the conventional trend of companies that seek to acquire data of individuals to analyse for maximum insight. This insight was then used in marketing tools to show users targeted ads based on preferences of the individual that was determined through the data. Such as Facebook that showed people ads based on their search history and data use and infamously collected user data by listening into conversations of people by using their device’s microphones.
The GDPR is a landmark law framework that continues the European trend of data protection and individual security and acts as an example for protection of data rights.
The importance of it and it’s timing comes in contrast to the US regulation that undoes the Net Neutrality rules placed during the Obama administration. The handling of these laws might put the citizen’s data at phenomenal risk.
If you have any questions regarding this topic,
If you find this article informative, please feel free to share with your friends 🙂