What is GDPR? The huge European security regulation takes effect this week
Gene Marks Special to the Washington Post
The European Union‘s General Data Protection Regulation, or GDPR, goes into effect on May 25
The objective of the regulation, which passed in 2016, is to simplify and consolidate rules that companies need to follow in order to protect their data and to return control to EU citizens and residents over their personal information.
Individuals in the EU will have the right to access or request that companies erase or migrate their data elsewhere. When asked, companies must prove to authorities that they have satisfactory policies and procedures in place to protect their data, or they will face huge fines. How huge? If your company’s not compliant, the fines could be as large as 20 million Euros (about $24 million) or four percent of your annual global revenue, whichever is higher.
“A U.S. tourist who visits Germany for one day and returns to the U.S. has rights under the law if that person used [a service like] Facebook while on the trip,” Alex Stern, an attorney wrote on his firm’s blog.
Mr GDPR : Interview with Giovanni Buttarelli
More on the European Privacy Law in this IMS blog