Tic toc, tic toc—back and forth swings the privacy pendulum. While we in the U.S. continue to regress on issues of data privacy, the European Union (EU) is proceeding with bold steps to protect the privacy of its citizens. On May 25, 2018, the General Data Protection Regulation (GDPR) becomes the law of the land in the EU. It applies to any company that processes or holds data on EU residents, regardless of where it is located in the world. Popular applications such as Facebook, Twitter, and Airbnb are among the companies that will be directly impacted by this law. If you do business with EU residents, regardless of geographic locality, this law directly applies to you.
GDPR law will apply to both the company that holds the actual personal data and the company that processes an EU resident’s data. Violators of GDPR may expose the offending entity to fines of up to 4% of worldwide revenue or 20 million euros, whichever is greater. Larger organizations have a lot to lose, so it is of paramount importance that they start preparing for these new requirements.
Read the article here.