GDPR stands for General Data Protection Regulation. It was implemented on May 25, 2018, by the European Parliament and Council of the European Union (EU). It is the regulation which was implemented for all individuals across the European Union (EU) and the European Economic Area (EEA). It assures the individuals of EU and EEA that their information is protected securely and that they have control over their personal data.
New Things Under GDPR
GDPR replaces the previous regulation known as Data Protection Directive. Following are the new things under this regulation:
- It clearly specifies that you should explain to people what you will do with their private data.
- The way you provide this information should be clear and easily understandable.
Rights Under GDPR
Following are the rights an individual has under GDPR:
- Right of access:
According to this right, an individual can request access to his private data and he can ask the company, how his data is being used by them after data has been collected. - Right to be informed:
It is one of the best requirement under this regulation. According to this right, the company should inform the individuals about the use of their personal data. It means it is a transparency requirement. - Right to have information corrected:
If an individual’s data is incorrect or is out of date, then according to this right he can update his data. - Right to be notified:
If there is a case of a data breach such that individual’s data is being compromised, the individual should be notified within 72 hours of breaching.
There are some other rights to an individual also, which includes the right to be forgotten, right to data portability, right to object, and right to restrict processing.
Restrictions
Apart from the rights provided, there are also some issues which are not covered by this regulation. This includes national security, defense, public security, the protection of judicial independence, scientific analysis, statistical analysis and many others.
The Effect Of GDPR
There is some positive as well as some negative effects due to GDPR.
Whois Effect- Whois is database service used to figure out that a domain belongs to whom. Previously we were able to get all relevant info as Name, address, Email, Phone of a domain owner by using Whois, Due to spam and other activities users had to hide this info using Domain Privacy solution where registrant companies put their info publicly instead of domain owner and they charged a heavy fee for it. Now, After GDPR most of this information is hidden now except State and country which is a positive impact for domain owners as no more spam problem and others, while Registrar companies are hit high with a blow to their revenue source.
The negative effect:
The major impact is on the companies and websites, they had to modify their privacy policies and features. Due to these modifications, they had to send emails and on-site notification about the change in their policies and features which has been criticized a lot by the end users. Few companies like Klout blamed GDPR as it has become a burden on their regular operations. Many international companies and websites have started to block their users who are belonging to the EU and some have restricted users from many activities.
The positive effect:
The relationship between the organizations and the customer has become better and stronger than ever as the organization has to explain to a customer about the processing of data. Stakeholders are now understanding the value of protection of the data. There is no wastage of time and money on the individuals who are not engaged and now according to this regulation, there is no need to keep data for long.