Hi, this is Wayne again with a topic “GDPR: Why you just got bombarded with privacy policy updates”.
So you may have noticed a ton of privacy policy emails lately from companies like Facebook, Twitter, Venmo, Spotify, this dating app I used to use or MOO which, to be honest, I have no idea what MOO even is, but I know they updated their policy.. So the emails don’t always say it, but those new polices are the result of something called the General Data Protection Regulation or GDPR, which goes into effect, May 25th., It’s a new rule in the European Union. That’S rewriting how data sharing works on the internet and almost no one is ready for it.. Most people don’t even know what it is even a lot of the Verge staff.. What is GDPR Data Privacy, –, [ Crew, ], Nope., Really Personal, I’ve heard of the term GDPR.
Global.. I work here, but I really don’t know.. I didn’t look into it., So it’s totally okay to not fully understand the GDPR, because it’s really complicated, but basically it sets new rules for how companies can treat user data with a particular eye towards tech companies.. And even if you don’t live in Europe, companies are rewriting their policies for everyone, which is why you’re seeing all those emails.
The big difference is that the GDPR’s idea of consent is a lot more intense than previous regulations. So companies have to ask for permission more often. In concrete terms, that means a lot more “ Click to Proceed” boxes. Although the transparency requirements also mean the text inside should get a lot more explicit..
Probably the most important change is how companies share data behind the scenes. Right now visiting a single website might feed data to dozens of different companies for analytics, log-ins and above all, advertising., But the GDPR means any company that gets that data second-hand will have to explain Why they need it and what they’re doing with it. So no more sharing data willy nilly., Another cool thing is that EU residents now have the right to request their data from companies and ask for certain information to be deleted or corrected.
If it’s inaccurate., Once you put in the request, companies will have 30 days to respond or face penalties. For a big company like Google or Facebook. The scariest part is the fines..
If they’re found to have violated the GDPR regulators, can fine companies up to four percent of their global revenue.. So if that company is Amazon, for instance, that would mean a fine of up to seven billion dollars. And remember no one knows exactly what compliance means. So there’s no sure-fire way to avoid the fine., Although it’s bound to have a messy start. The assumption is that regulators will treat the May 25th deadline as a kind of soft opening, giving more guidance and adjusting as time goes on. Still.
The GDPR really does mark a sea change in how data is handled across the world. Bit by bit the internet’s getting less creepy and while the US is maybe rolling back internet rules and grappling with privacy concerns around Facebook. The GDPR is a reminder that the government really can protect your data when it wants to. Something to do with your data privacy and we’re getting a lot of emails about it from everyone you’ve ever given your email, to. Yeah. I have no idea what that stands. For. Is that right, [ Crew ], I don’t know .