By Bo
The GDPR is a set of regulations set by the European Union to protect personal data of people living in the European Union, and is comprised of around 900 homogenous rules in the over 200 page long law. The GDPR stands for General Data Protection Regulation. It was first set on May 14, 2018 and went into effect on May 25, 2018. The GDPR, though based on the European Union, effects customers and companies worldwide. Any company that has customers living inside the European Union must rush to comply with the regulations. Users of companies can now request for the company to delete their personal data, and users of social media companies can request to delete posts. Companies that did not adhere to the regulations by May 25, 2018, have to pay the greater fine of 4% of annual revenue companywide or €20,000,000, which is $23,300,000 in USD. Some of the pros: The GDPR can help governments worldwide take back their control over data security, following recent major breaches such as the Uber breach of 2016 which exposed the personal information of 57 million users and the Equifax data breach of July 2017 which exposed the personal information of 143 million people. Cybercriminals are now exploiting any vulnerabilities they can discover in internet servers, and the GDPR can help act as a guide for companies on cybersecurity and data privacy. One of the GDPR’s main goals is to help GDPR compliant companies process data of citizens in the European Union without having to worry about divergent regulations of countries in the European block. The cons: The GDPR regulation will take a significant toll on many companies operating in the European Union. Companies will have to spend extra money to make sure all of their products comply with the regulations, as well as hire additional employees called “Data Protection Officers” that will make sure all of their products are customer privacy first. Another drawback is the increased data privacy and cybersecurity measures, which will mean much more work for developers. A major concern of companies is that they will fail to comply or still be fined or sued even if they are conformant. For example, companies Google and Facebook were both sued around $4,billion by Austrian activist Max Schrems, who claimed the companies coerced users into sharing personal data with them. The toll of the fines will be very substantial for all companies, and small companies could go bankrupt after being fined €20,000,000. Large companies such as Amazon, which had a revenue of 177 billion dollars in 2017 and Apple, which had a revenue of 230 billion dollars could lose up to $7 billion and 10 billion USD respectively. The GDPR is here to stay and will make companies accountable for sharing personal data without permission and data breaches. A decline in data breaches is expected in years to come but there other side effects that may arise.
