It's rather like the effects of smoking, or slouching, or eating too much sugar. You know you shouldn't do it. You know it's bad for you. But there are so many other things that can kill you first, right? When you spend so much time chasing customers and crafting marketing campaigns to attract and retain them, what's a little laxity with your data policy going to cost? Quite a lot, actually.
The GDPR (General Data Protection Regulation) is that deadly threat that most companies know about but somehow always seemed so far away. But today's the day, and companies that do any kind of business with EU citizens had better get compliant - or get their checkbooks ready.
What Are the GDPR Changes Again?
There are volumes of information you can read on this, starting with its official site, but briefly, the GDPR aims to protect EU citizens from data breaches and safeguard their privacy. This theoretically means that no more incidents like Cambridge Analytica will happen again (or if they did, they would be heavily penalized).
Yet the purpose of the GDPR isn't to cripple businesses; it's to create a clear and consistent framework for them to work in.
Here are a few of the aims of the GDPR:
- Give citizens more control over their personal data
- Have clear data rules to provide a framework for companies in the EU
- Levy hefty penalties for non-compliance and data misuse
Data Rights for Citizens
If you reside in the EU, you're probably tired of the steady flow of emails from companies begging you to opt in to their newsletters, spam offers, and updates. It's rather like poetic justice and a somehow delightful feeling to know that you finally have some power back in your hands. Especially when you never realized that you'd opted in to weekly mail blasts in the first place.
The GDPR ensures that consumers give their "clear and affirmative consent" when it comes to how their data is processed. They have the right to know how it will be used and why and who will receive it. They also have the right to be "forgotten", meaning that their information can be deleted upon request, or transferred to another service provider. Companies must also inform consumers if their data has been hacked.
It's a noble move on the part of the EU to protect its citizens. However, the likelihood is that, in the end, they'll get so tired of clicking through acceptance policies that they'll stop reading them anyway. Just as ICO investing should probably come with some sort of a disclosure, but you probably wouldn't read it anyway - though you couldn't say you weren't warned.
In a statement released yesterday, Věra Jourová, the EU's Commissioner for Justice, Consumers and Gender Equality, said that "personal data is the gold of the 21st century," but we are too freely giving it away, particularly online:
When it comes to personal data today, people are naked in an aquarium. Data protection is a fundamental right in the EU. The new rules will put the Europeans back in control of their data.
If You're Not in the EU, It Still Applies to You
You don't have to be based in the EU for the GDPR to apply. Just think about Facebook, Twitter, or any tech company with far-reaching audiences. Any company doing business with the EU needs to get with the program - and fast.
Fail to produce the right information or treat your EU customers' data with care, and you can expect a warning or a fine of up to 4 percent of yearly turnover. Writing up a new privacy policy page on your website isn't enough to be considered GDPR compliant.
Moreover, with the GDPR, the EU is looking to set a global standard and ensure citizens' fundamental rights. And if it proves successful, it may be considered by other countries, including the US. There is even a new set of rules for data processing when it comes to law enforcement.
It's Not Too Late to Act
Until the EU really tightens the narrative and companies begin to catch up, you still have time to get your company GDPR compliant, but don't waste another moment. There will be no mercy for the company that suffers a cyber attack compromising consumer data that they should never have had in the first place. That kind of happening could see companies go out of business fast.
Yet, despite the timetable of two years to get compliant (and years of preamble before it), many companies fail to understand the implications. And it seems that very few companies are actually 100 percent GDPR compliant today, especially smaller businesses which may assume that the GDPR doesn't affect them.
In fact, according to a report by The Verge, virtually no one is fully GDPR compliant, including the regulators. Moreover, at least 60 percent of tech companies are not GDPR compliant.
Furthermore, many companies confuse GDPR compliance with security, yet cybercriminals are becoming more adept each day at stealing personal data.
The Takeaway
Even after getting GDPR compliant, companies will need to perform continued security and compliance assessments to ensure that the data they're fighting so hard to protect doesn't end up in the wrong hands.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.