Everything about the new GDPR, how it affects us and why it is important.

in #technology7 years ago (edited)

Image Credit

From 27 May 2018, the GDPR or RGPD (General Regulation of Data Protection of the European Union) becomes mandatory . And, because of this reason your inbox has been filled in recent weeks, and especially in recent days, by an avalanche of emails that seem to be all the same and that tell you about changes in the privacy policy .

These emails come from all the companies on the web that deal with data from European citizens, it does not matter if they are from countries outside the Europe. Thanks to this regulation, the way in which you should be informed about the data you are giving away and what they are using it changes drastically .

The regulation may be European, but its consequences extend to the rest of the world, and that's why we should all care regardless of where we live . In this post I will explain you in a concrete way how the regulation affects you and why it is important.

  • What is the RGPD for?

This regulation gives the European Union the power to hold businesses and organizations accountable for the way they collect and manage user's personal information, that is, your data.

It has been granted a period of two years to comply with the regulations, which came into force on May 24, 2016, not today or last week, as it might seem due to all those emails. At that time the companies had to explain to us well what they do with our data , request our consent to use them and also offer us the opportunity to delete them or revoke their permission to continue processing them.

Those who fail to obey the regulation could be fined up to 4% of what they bill worldwide every year, or up to 23 million US dollar whichever is greater.

  • What are these emails for?

If you ask yourself what is the usefulness of the regulation if it seems that many solve everything with a simple email, the difference is that this simple email with information does not let companies wash their hands and assume that you gave your consent tacitly, as happened before .

You receive the emails because companies around the world have a responsibility to contact you , both to inform you in a transparent and simple way what they do with your data, and to renew the consent of use you gave, if this did not comply with the GDPR.

  • What happens to my data if I accept and what happens if I do not accept?

It is important to highlight that the regulation does not prevent organizations and companies from using your data for all purposes that they please, provided you have given their consent. What it does is force them to explain what they are doing, that's where your share of responsibility comes in.

If you give us your active consent, a company can not do things like send advertising, sell your data to third parties, use your data to cross-sell, etc.

It is also not valid for a company to check all the boxes on their own, privacy must be the default option , you must do all the clicks and accept all the ways in which your data will be used.

  • What happens if I am too lazy to read the privacy policy?

Of course you are lazy, no one likes to read the concidiones and terms of service, because first they are too long, second they are too dense and third they are too boring.

The GDPR now requires that policies and terms of service should be easier to understand , which should be written in simple terms and not in a legal slang incomprehensible by the average human being.

If you have been informed, if the policy has been redesigned to be clear, if you have correctly requested your consent and you continue to be lazy and accept the conditions anyway because you want to continue using one service or another, it is your responsibility.

  • What happens if I do not live in Europe?

If you do not live in Europe it may seem that none of this matters to you, but thanks to the regional scope of the regulation that deals with data of residents of the European Union must comply with it, the impact of the GDPR reaches all big companies that we know, like Apple, Google, Facebook Microsoft, and so on .

You may not have these strict rules in your country, but some organizations and companies have chosen to maintain these principles and offer the same privacy options and protections for their users outside of Europe . Some perhaps in good faith, and others so that they do not look bad with the rest of the world and take care of their image.


  • What happens to my data if I do not want to give it to anyone?

One of the rights granted by this regulation is the right to data portability , that is, that you must have access to all the data that an organization has collected about you.

In addition, you also have the right to move your data to another provider without losing the history you have amassed, so that you can also benefit from your own data. And finally, you have the right to request that all your information be removed from the databases of an organization.

The GDPR is not going to magically stop data collection by multiple organizations, but it probably will make them think twice about the amount of data they collect, as they will need to justify their purpose and report on it . It is a step forward for the adoption of better data collection practices.



Dear friend, you do not appear to be following @wafrica. Follow @wafrica to get a valuable upvote on your quality post!

Great article. Great news reporting.

Editorialize a bit for me. Do think this is a good move, or not, and why?

It seems common sense to me that companies should have to get overt, clear language consent before they violate someone's privacy. Is that really the intent of this new policy? Do you think that is the correct way forward? Do you think it will be effective?