It’s nearly 5 o’clock ET, so to wrap up the day we’ll leave you with 5 basic things you should know about General Data Protection Regulation (GDPR):
1. It’s about access rights to personal information. It gives EU citizens more control over the data companies, collect, store, and use.
2. There are strict rules. It requires businesses to protect the personal data and privacy of EU citizens, including data exported outside of the EU. No more hiding behind long legal docs and/or privacy policies. Companies have to get new and explicit permission to process personal data in clear, plain language. And it has to be easy to opt-out.
3. The scope is broad. Anything that can be used directly, or indirectly, to identify a person is now regulated. This includes basic identity information (e.g. your name, address, and ID numbers), web data (e.g. location, IP address, cookie data, and RFID tags), health and genetic data, racial or ethnic data, biometric data, sexual orientation, and political opinions.
4. It’s reach is broad too. It applies to all businesses and organizations that are offering goods and services to EU citizens, or to those monitoring/processing personal or behavioral data.
5. Non-compliance will cost you. There are harsh fines for breaches and violations.
Check out this podcast for an in-depth intro to GDPR. It’s perfect for your commute home.