GDPR and Its Implications

Introduction

• Recent increase in emails requesting consent to stay on mailing lists.
• These emails are due to GDPR (General Data Protection Regulation).
• Described as the biggest shake-up of data protection laws in a generation.

What is GDPR?

• New EU data protection rules.
• Aimed to give control over personal information to ordinary people.
• Covers data that could identify individuals like name, contact details, location, race, and sexual orientation.
• Companies must prove they have lawful reasons for holding such data and keep it safe.

Why All the Consent Emails?

• Companies need to prove user consent to keep personal data.
• Some experts argue companies might not need to send these emails.
• Valid past consent might still be relevant.
• If no response to emails, companies should delete your information.

Why Companies are Concerned

• Potential penalties: Up to 4% of a company's annual turnover.
• Serious breaches could result in multi-billion pound fines.

New Powers for Individuals

• Companies must be upfront about data collection and consent.
• Obligation to inform users about data breaches within 3 days.
• Right to access your personal data.
• Right to be forgotten, except for hospitals, government agencies, and journalists.

Impact Beyond the EU

• UK to integrate GDPR into British law regardless of Brexit outcome.
• Companies outside the EU with operations in Europe or storing EU citizens' data must comply.
• Could influence global data protection standards.

Trust and Criticism

• Some see GDPR as an opportunity to rebuild trust after data scandals (e.g., Cambridge Analytica).
• Critics argue GDPR is vague and contains loopholes.
• Concerns about increased business costs and potential higher customer prices.

Conclusion

• Governments recognizing the importance of data protection.
• Start of significant changes in how digital information is handled.