The European Union will enforce the GDPR (General Data Protection Regulation) law that will begin the process of personal data being obtained, used, and shared domestically and around the world.
What is the GDPR?
As of May 25, 2018, the regulation in the EU law gave citizens control of their personal data and how it gets used by companies. Now, companies such as Facebook, Twitter, and other foreign sites must protect their sensitive information, give consent on if they want to share their data with the website, and also comply with rules pertaining to exportation of personal info. Basic identity information, web data such as IP address and cookies, health and genetic data, political opinions, and more will all fall under this new regulation. So, what happens if you don’t want to comply? There’s a price to pay. Offenders can face hefty fines that can go up two to four percent of annual global revenue ($11 million to $23 million).
Pros & Cons
Security and the protection of sensitive data will now be looked at seriously so online users can be more informed and feel less worried about who has access to what. This means every organization is getting the short end of the stick as they scramble to make changes to their internal policies. From this point forward, privacy becomes more of an expense than a worry with the exponential need for developers and cybersecurity consultants to keep things compliant with the GDPR. Internet users will not enjoy the user-friendly experience of the web as much with each click bringing alerts and notifications about data rights and usage.
Should the US adopt the GDPR?
Organizations should take more responsibility for sensitive data and the vulnerability of their systems. Equally stated, there should be more of a push toward the requirement for users to have consent over what info they share and how it’s being used. But to compromise the ease of browsing with a pop up in almost every link will make internet users wonder if the trade off is worth it.