have you been getting more annoying emails unusual lately mainly asking you if you want to stay on a mailing list you don't even remember joining yeah sound familiar say hello to gdpr is being described as the biggest shake-up of data protection laws in a generation giving ordinary people and precedented control over the information companies hold on us so what is gdpr and what does it mean for you hello everyone and welcome to so wat where we look at the stories that you should know about we've done a few of these now and you should definitely hang around to watch a few more videos when this one's finished we're looking at everything from the Iran nuclear deal to South African land reforms to student riots and Paris so like and subscribe and make sure you're getting the latest videos from us and if you have a story or idea that you think we should do then leave us a comment anyway let's talk data your data in particular all those emails from companies desperate pieces they're on their mailing lists that's not some weird PR strategy it's all because of a massive change in EU data protection rules which kick in soon the general data protection regulation which is way too long so let's just say GDP our instead so what's the reason for these new laws today nearly every part of your life can be digitized tracked and logged every picture every journey every purchase even every heartbeat more and more of your personal information is collected stored and traded by companies and governments the new GDP our regulations cover things that could identify us so your name contact details the location of your computer and personal data like race and sexual orientation from now on organizations will have to prove they have a lawful reason for holding that kind of data and even more importantly show that they're keeping it safe so what's with all the emails companies need to prove your consent if they want to keep your information about your name and email address on their system and that's why everyone's inbox is bursting at the moment but some experts don't think companies really need to send all their users emails at all if you find up for something can gave someone permission in the past it's probably still valid in some cases companies who are contacting might be acting illegally because if a company can't already prove concern they shouldn't be emailing you to confirm your detail we'll get more up-to-date information it's a bit of a mess but the good news is you don't have to worry about it too much because if you don't reply to the emails then that company should delete your information from their system in fairness it's not really surprising that businesses are nervous about GDP are the potential penalties for firms are massive up to four percent of a company's annual turnover so that would mean if the Silicon Valley giant commits a serious breach they could get slapped with a multi-billion pound fine it's a serious piece of legislation but it's supposed to empower the people who give companies their data namely you so what new powers do you get if a company has to ask for permission to store your data then they'll have to be much more upfront about it so no more check boxes with confusing questions designed to make you give away more information than you want or let's say a database of a site you use is hacked and the information is stolen the organization that was storing information on you will have to tell you about the hack within three days and you now have the right to see your own personal data if you think the dodgy company is holding information on you you can demand that they hand over everything they have as well as this right of access as a right to be forgotten in a number of cases you can actually get your data erased but don't get carried away that doesn't mean you can delete yourself entirely from the system hospitals government agencies and even journalists they're exempt from that rule so what says EU law what to do with you the UK government says it will bring the EU regulation into British law - regardless of how the brexit deal pans out but millions of people outside of Europe are going to be affected as well because companies that have operations in European countries all have to sign up to the rules along with organisations based outside of Europe who store data of EU citizens so gdpr is something that could affect the way the whole world thinks about data some campaigners say this is a chance for the biggest companies to rebuild trust with their customers after scandals involving the misuse of data you might remember when we went undercover to expose a company called Cambridge analytical they're accused of using personal data from Facebook users harvested without their consent to try and influence elections its data breaches like this that GDP are is supposed to stop Facebook have already said they're going to apply the EU rules to all of their users around the world Mark Zuckerberg said the social media giant needed to regain users trust after the Cambridge analytical scandal we didn't take a broad enough view of our responsibility and that was a big mistake and it was my mistake and I'm sorry but some critics say gdpr is too vague and contains loopholes that will still let big companies get away with hoarding your data others think the new rules will become a burden to business saying it will cost them money to hire new staff to deal with the rule changes and those cost might mean higher prices for customers in all on the scene nobody really knows what the long-term impact will be but it's a sign of the times governments are finally waking up to how much data companies thought about their citizens and what it should be used for this is just the start of a journey that could change the way you think about your digital information forever