5 things you need to know about the GDPR

GDPR, short for General Data Protection Regulation, is created to give European Union citizens greater control over how their information is used online.

The GDPR took effect today, so this guy wasted no time. However, in most cases firms must also show that they need the personal data for a specific objective.

The right to object: Users get an “absolute right” to stop companies from using private data for marketing.

While the GDPR only applies in the 28 EU member states, the laws have implications for any company that collects data on European residents, even if they are headquartered overseas.

General Data Protection Regulation will impact the way personal data is manages across the globe. And it could lead other cities and states to craft new privacy rules in the image of the GDPR.

People in the bloc have been bombarded with dozens of emails asking for their consent to keep processing their data, and a privacy activist wasted no time in taking action against USA tech giants for allegedly acting illegally by forcing users to accept intrusive terms of service or lose access.

Like many others, Tantleff said “even I got fed up when I receive 152 such consent emails in one day”.

That’s why Austrian privacy activist Max Schrems – a vocal critic of Google’s data collection practices – is suing the company to the tune of $3.7 billion. Google is embedding video (from its YouTube service, of course) to further explain the concepts.

Even Apple – a company famed for its respect for customer privacy – had to strengthen its safeguards in order to meet the extremely high standards set by GDPR. Some are obvious, such as to fulfill contractual obligations – for instance, when an insurer pays out a claim.

From May 25, consumers will be asked to provide explicit, affirmative consent for their personal data to be used and processed. Employing advanced computer vision and machine learning technologies, the software tracks and protects the organization’s sensitive data, the company says on its website. Another lawful reason to email is what is known as “legitimate interest.’ Although this comes down to a subjective judgement in the end, if a company is emailing me to pitch a product or service, and it has reason to believe that it is relevant to me, then it can use the ‘legitimate interest” reason to email me.

In response to the changing laws in the European Union, many companies, like Facebook and Twitter, will extend these enhanced user protection policies to all users.

Thomas Leysen, chairman of KBC Group NV, was asked at a Brussels conference this week whether banks should worry about being held accountable for any breaches of data while in the hands of third parties. Firms have to clarify how long they retain data.

Companies must notify authorities of data breaches within 72 hours.

If you have any questions about your account, would like us to generate an export of your saves, or want to check in on our progress, please let us know at support@help.instapaper.com. Facebook’s latest efforts to address its missteps and attempt to regain public trust come just before the rollout of a sweeping new data privacy law in Europe.

European regulators have in the past taken a tough stance of big tech companies not playing by the rules. It applies to any business that processes the information of anyone located in the EU.

First, they have to figure out if this applies to them.

Among the websites blocked were the Chicago Times and LA Times, which posted essages saying they were now unavailable in most European countries, said the BBC. Personal data means “any information relating to an identified or identifiable natural person”. “Companies that have been making money from our data, have more responsibilities”, Vera Jourova, Europe’s top justice official, said Thursday.

Some companies are extending at least some EU-style protections to all users.

At UKC and UKH, we have been working hard to make sure our data complies with the new law. However, companies outside the European Union won’t face legal repercussions or fines if they fail to follow through with users outside the EU.