Does EU GDPR matter your business?

Does EU GDPR matter your business?

GDPR, or General Data Protection Regulation is nearly a new flashing word in the last few months across the world - in fact, it is because the new regulation for data protection in EU came into force on 25th May 2018, replacing the old data privacy law. However, the approval on that law was made on 2016, and some companies have prepared before its start day, yet according to the article from Forbes, 79% of business in US haven't been ready to adapt this new regulation.

The critical point in this regulation is that no matter your business location registered is, if the business data involves EU citizens, it is in the scope of GDPR. Therefore not to mention such Facebook, Twitter, YouTube, Amazon - those giant marketing platform and social media, but also any global business who may target EU users and customers are obliged for GDPR, for example many in travel, logistics, and eCommerce industries.

The rule was designed to protect user's privacy, and forces an organization to get consensus from users for opt-in, to erase customer's data when asked, and notify users within 72 hours if data was hacked, where if the business was found breaching GDPR, it would be fined up to whichever bigger of 4% of global revenue or 23 million USD. Those requirements considerably calls operational and technological changes in the business, so it has significant impact on companies.

From users' perspective, if you are non-EU citizens, GDPR may benefits you when an organization applies new data protection beyond Europeans without separating categories. Although you cannot sue without legal formation in your country.

Nonetheless, none of new regulation could be perfect without any criticism from the beginning. Despite its purpose to protect users, an opinion says the regulation can expedite exploitation of users' data. Why? Since most of the time, a company is much expert on the data usage and the only option left for the users are to select "agreed" in turn of benefit that the company provides. The regulation is not powerful enough to limit the way of data usage.

While this new enforcement haven't developed enough in business how to execute, the movement of enhancing the privacy and user's right in digital world isn't deniable. The wave rose from EU could soon reach to everywhere in the world.

REFERENCE:
https://www.eugdpr.org/the-regulation.html
https://www.forbes.com/sites/forbestechcouncil/2018/03/27/u-s-businesses-cant-hide-from-gdpr
https://www.forbes.com/sites/forbescommunicationscouncil/2018/05/09/how-will-gdpr-affect-the-mobile-marketing-world/
https://www.cnet.com/how-to/what-gdpr-means-for-facebook-google-the-eu-us-and-you/