Do individuals own their data? Do they have the right to trace, reclaim, and even perish it if they wanted to? According to courts, they do, and people managing websites, which individuals visit, have no right in claiming ownership over any data in their possession. Individuals shouldn’t have to constantly keep asking the websites they have visited to delete their data. Users, specifically EU citizens, have been receiving a lot of emails lately urging them to review the new privacy policies laid out by organizations and companies. So what’s new for the EU citizens? A new law that includes GDPR technology is going to be implemented on the 25th of May. GDPR is here to change privacy settings and the manner in which users’ data is being collected once and for all.
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation found in the EU law on the matter of data protection. It’s a legal framework that lays out the guidelines regarding the collection of individuals’ personal data within the European Union. Basically, the GDPR explains how companies and corporates can get users’ approval to use their personal information and data. Ticking the box next to “I agree to terms and conditions” is no longer regarded as a way of proving users’ consent. Bombarding users with pages and pages of terms of agreement, which no one actually reads, leads them to agree to whatever is displayed in front of them just to get it over with. This is no longer the case with GDPR as company policies now have to clearly state a request for consent in a distinguishable manner. Companies are also not allowed to ask for more personal information in exchange for upgraded or premium services.
What Happens to Violating Companies?
Google Analytics has the authority to collect users’ data under the stipulation of notifying those users through an online process that their data may be stored and used. Now Google is aware of the risks that they might encounter if they don’t abide by the GDP law and store people’s data for who knows how long. As a result, Google had all users’ personal data expire after twenty-six months from the date of its collection, but of course, users can manually change that default time period to one that suits them best. With large fines awaiting companies who violate the compliance with GDPR, it’s important for users to know their privacy rights. Some of which are:
1- The right to be informed
Companies and organizations must inform users in detail what data they are collecting from them, what they are using it for, how long are they willing to keeping it, and finally with whom it’s being shared.
2- The right of access and erasure
Users are granted the right to ask companies to show them the data they have on them along with the reasons why they are keeping it. “The “right to be forgotten” states that users are allowed to demand that companies delete any unwanted information they might hold on them.
3- The right to object
This means that users can demand that companies stop using their data in ways they would not agree to be or be okay with. This includes sending advertisements or making commercial phone calls.
How Does The GDPR Affect EU Citizens?
With GDPR rest assured that companies won’t get hold of your personal data as they used to previously do. GDPR is here to protect EU citizens from having companies and organizations tamper with their data. It puts the control in citizens’ hands as to what information they would like to share. The law gives the EU citizens the right to access and to erasure (to be forgotten). A citizen can ask the company he/she has dealt with on whatever platform for a copy of his/her personal information it had stored within a month, tops. The user here gets a say in what data can the company keep and how it can be used. The user can also ask the company to correct or delete personal information which is a right the company cannot object to. Security is yet another element GDPR has to offer its users. It is responsible for keeping users’ information safe and preventing it from getting stolen. Should there be any data breach, companies must immediately inform their regulator within 72 hours, otherwise, people’s rights and freedoms will be at risk.
What About Citizens Living Outside the EU?
The GDPR will strictly be implemented within the European Union. That doesn’t mean that only European citizens will get to benefit from it. You can take advantage of the GDPR by hiding your original IP address and choosing server located in the EU. When websites see your EU IP address, they will think you are within Europe and offer you greater freedom to choose how your data is collected and used. Although it may sound complicated, it actually isn’t. Take a look at this guide for more info on how to benefit from GDPR while outside the EU.
GDPR For Data Protection
Your personal data is the gateway to online interaction, which is why you should have more control over it. Technologies that help us protect our data should be encouraged and widely implemented. If laws and technologies like the GDPR aren’t formulated to protect our privacy who knows where our data would end up.