On May 25th, 2018, GDPR (General Data Protection Regulation) was enforced, causing a major shakeup for European businesses. Considered to be the most significant change introduced into data privacy regulation within the past 20 years, GDPR has understandably caused a few major concerns.
As businesses struggle to ensure they’re now meeting GDPR guidelines, here we’ll take a look at what it actually is.
A Modernization of Data Protection Law
Put simply, GDPR is a modernization of data protection law in Europe. Times have changed dramatically over the past 20 years, with computers and technology playing an integral part in our everyday lives.
The way data is collected, stored, and used has really changed, and not necessarily for the better. That’s why GDPR was introduced. It modernizes the law, while also providing a more streamlined approach to data protection.
Replacing the 1995 Data Protection Directive
GDPR has replaced the 1995 Data Protection Directive. While somewhat effective, this directive was out of date.
It took over four years for the European Council and European Parliament to agree to adopt GDPR. It was revealed in May 2016 that the law would come into effect in May 2018, giving businesses two years to prepare and adopt the necessary changes. (Though, truth be told, many still waited until the last minute!)
So, what exactly has changed with GDPR? Well, for consumers, it’s given them better access and greater control over the data businesses hold about them.
For businesses, there’s a lot more rules and regulations to meet on how data can be collected and used.
There’s actually a staggering 99 article set out within GDPR which highlight the rights of individuals. Some of the key changes include:
• Significant fines to businesses who fail to meet GDPR
• Easier access for individuals to the information businesses have on them
• Clearer responsibility for businesses and organizations to gain consent before storing and using individual data
• Regulators can work together throughout Europe
The fines introduced have been particularly harsh, with the maximum reaching 4% of a businesses’ global turnover. Understandably, this has caused a lot of concern for businesses across Europe (and those who do business there), with many struggling to meet the new guidelines.
While GDPR may be complex, it is largely viewed as a positive step in data protection. Big data has become a huge part of business and it affects practically every sector.
The peace of mind it gives to individuals is fantastic, especially after a lot of recent data protection breaches. However, for businesses, the consequences of not following GDPR are pretty tough.
Take a look at your email marketing provider and make sure that you are using the proper tools to maintain compliance. Use the double opt-in features, allow people to choose what they share with you, and only ask for the information you truly need in order to complete a transaction. Err on the side of caution with each piece of information. If you don't truly need the info, don't ask for it.
In our next post, we'll talk more about who is affected by this new law.