General Data Protection Regulation

-

Our data is all accross the internet and in the databases of all institutions/companies we ever dealt with or services of which we used. But is our data secure?

With businesses collecting and using increasingly large amounts of customer data using IT tools, the last few decades have found it increasingly imperative to make effective laws to protect user data. Cyber crimes like identity theft, misuse or sale of personal data to advertisers, account hacking, data leaks from company databases etc. are all on the rise and we need measures to counter this menace...

A major stride forward in this regard has been the General Data Protection Regulation, which was implemented in the European Union in 2018. The General Data Protection Regulation is a regulation which addresses data protection and privacy in the European Union ( & Economic area) and the transfer of personal data outside the EU/EEA.



KEY DETAILS

Purpose- Data Protection and Privacy Law.

Type- Regulation (No flexibility unlike directive)

Applies to- Any Enterprise processing personal data of EU citizens and the subjects I.e. EU citizens.

{Personal data includes Name, Location data, IP address, Cookie data etc...}

Made by- European parliament and Council of European Union.

Completed- 14 April 2016. 

Implemented- 25th May, 2018. 

Supersedes- Data Protection Directive laws of 1995.

Implemented by- Regulators of concerned country in EEA (such as Information Commissioner's Office in the UK)

AIM

GDPR aims to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying the data laws within the EU. 

CONTENTS

The GDPR contains provisions and requirements related to the processing of personal data of individuals in the EEA and applies to any enterprise that is processing such data, regardless of its location.

It has eleven chapters dealing with general provisions, principles, rights of the data subject, duties of data controllers or processors, transfers of personal data to third countries, supervisory authorities, cooperation among member states, remedies, liability or penalties for breach of rights and other final provisions.

While there are numerous guidelines within GDPR, some important points are-

  • The controllers and processors of personal data in these enterprises must apply sufficient technical and organizational measures to implement the data protection principles and must make mandatory disclosures about the purpose of user data collection, processing or sharing. 
  • They must also instate Data Protection Officers, improve system security and carry out regular audits for the same. 
  • Any data breaches must be reported to national supervisory authorities within 72 hours. 
  • Data subjects can ask for reports about their data use and also removal of their records in some cases.
  • Failing to comply with GDPR guidelines can attract heavy monetary penalties.

  • Key principles-

  1. Lawfulness
  2. Fairness and transparency
  3. Purpose limitation
  4. Data minimisation
  5. Accuracy
  6. Storage limitation
  7. Integrity and confidentiality (security)
  8. Accountability

  • Key Rights of subjects-

  1. Right to be informed
  2. Right of access
  3. Right to rectification
  4. Right to erasure
  5. Right to restrict processing
  6. Right to data portability
  7. Right to object 
  8. Rights around automated decision making and profiling

EFFECTIVENESS

  • Penalties under the GDPR totaled €158.5 million ($191.5 million) from 26 January 2020 to 27th January 2021, with Data protection authorities recording 121,165 data breach notifications (19% more than the previous 12-month period). This includes fines on large MNCs such as Google, H & M, British Airways etc...
  • In consequence of the GDPR regulation, users feel more secure about their data and privacy.
  • Multiple countries like Japan, Brazil, Argentina and South Korea have modelled their own data protection laws on its basis while GDPR has found a widespread approval from experts.


It may be concluded that GDPR has indeed positively impacted data privacy and security standards while encouraging organisations to develop and improve their cybersecurity measures. It is expected to be limiting the risks of potential data breaches and has also provided relative peace of mind to users pertaining to their privacy and data security. However, any conclusive inferences about the effectiveness of GDPR are yet to be vindicated.

Authored by- Praharsh Chaubey

Location: India

Comments

Post a Comment

Popular posts from this blog

Top 10 SEO Trends in 2022

-
Image
  Top 10 SEO Trends To Boost Your Marketing In 2022 Are you looking for the latest SEO trends in 2022 to boost the rankings and traffic of your website? The internet houses over 1.5 billion websites while over 56 billion web pages have been indexed by Google so far. Hence, you can well understand how difficult it is to rank your website in the first page of Google. But there is always a way out! This is where Search Engine Optimization techniques like keyword addition, website optimization, backlink building etc. have proven their effectiveness. But SEO is itself becoming an area of rising competition as numerous businesses strive to make the most of it!  As a result, it is now important to get ahead of traditional techniques & tune in with the latest SEO trends that give you that added competitive edge. So, here are the top SEO trends in 2022 that you must explore to maximize your online visibility and sales- Growing importance of first party data collection With Google removing s
Read more

Research report- Top 5 digital marketing techniques for startups

-
Image
  5 BEST DIGITAL MARKETING TECHNIQUES FOR A STARTUP( Whitepaper Report by Praharsh Chaubey-Summary) Digital marketing  is the use of digital devices and the internet to create and stimulate demand for an offering or to build/improve a brand image.  In modern times, businesses are supplementing traditional marketing techniques such as advertising on print media, televisions, direct marketing by salespersons etc., with digital marketing techniques which are considered more cost effective and efficient. Almost all businesses are part of this trend but here, let's look at the case of startups more closely... Startups are often built on strong ideas, but usually start with low financing, established competition and have no reputation or recognition in the market. This forms a significant hurdle in effectively marketing the business's offerings (products/services). Its no wonder a majority of startups fail before getting profitable.  However, with the right offerings, management and
Read more

Modern business leader

-
Image
  A business leader  is the person who guides and inspires a company's employees towards a common business goal. He/she is mostly in a powerful position (CEO, Founder...) and uses the requisite powers to direct and manage the activities within the business to ensure that business goals are met.  The leader also keeps all Stakeholders (investors, employees, shareholders etc.) informed and motivated to work in that direction using managerial powers as well as soft skills like persuasion, communication, empathy etc. The conventional qualities  of a good business leader are- The business leader's role is indeed vital during the course of business and hence the above qualities are crucial.  But it has primary significance for bringing about organizational change and maintaining its flexibility to ensure the achievement of its vision and mission in a dynamic environment. This is the demand of modern business and the qualities of leaders must be honed accordingly. So what are these pr
Read more