Opposition spokesman urges focus on new rules that take effect today
- Author: Anthony Vega May 25, 2018,
May 25, 2018, 22:44
Account holders can send an email at [email protected] for this goal. Following scrutiny of its data practices, Facebook had also promised that it would make the controls it introduced for GDPR available to users worldwide.
"In order to comply properly with the new regulations, companies in the enterprise tech space must demonstrate that they can put the right processes and policies in place to offer exceptional data security", he said.
These first legal tests of GDPR strike at the heart of the business models of giants such as Facebook and Google, which provide free online services in return for the harvesting of your data - once you have granted your consent, that is.
As the deadline for Europe's General Data Protection Regulation (GDPR) draws near, we have got news (pr rather, memes) for you.
The right to be informed: This means you have the right to know how companies use your data.
Experts say that companies that have taken privacy seriously should find the new rules easy to comply with. Google is embedding video (from its YouTube service, of course) to further explain the concepts.
Countless leaks and hacks have exposed vast amounts of personally identifiable information with very little impact on the companies or organisations that allowed it to happen. Some are obvious, such as to fulfill contractual obligations - for instance, when an insurer pays out a claim. Another lawful reason to email is what is known as "legitimate interest.' Although this comes down to a subjective judgement in the end, if a company is emailing me to pitch a product or service, and it has reason to believe that it is relevant to me, then it can use the 'legitimate interest" reason to email me.
The right to restrict processing: gives a user (in some circumstances) the option to limit how a company uses their data.
"And to make a conscious attempt, or a conscious decision what data they share".
For example, the regulations require companies to report serious data breaches within 72 hours of becoming aware of the problem. "However, it's not too late and taking the right steps now is essential to avoid more confusion and, at worst, a hefty fine".
The new law could be hard for some companies to comply with.
Okay, what are the specific rules a company must follow?
While the law is created to protect people in the European Union, its impact will also extend to the U.S.in some cases. Beyond that, the EU rules merely say they apply to "data subjects who are in the Union".
Note that the rules are different depending on the data in question. If global customer data stored in India gets leaked, Indian businesses could face huge penalties in Europe, ranging from 20 million euros to 4% of global turnover. "Companies need clarity to be able to safely extend operations across the EU".
Facebook CEO Mark Zuckerberg, for instance, promised "global settings and controls" for users during his USA congressional testimony in April, but was otherwise vague on the subject. The opposite feeling spread on the screens of many users: tons of "consent boxes" popped up online or in applications, often combined with a threat, that the service can not longer be used if user do [es] not consent. "It might seem like a smart move, but in some cases, it's more work", said Larry Ponemon, founder of the privacy research firm Ponemon Institute.