Some big changes are coming to online privacy, especially when it comes to companies like Google and Facebook.  The European Union’s General Data Protection Regulation (GDPR) establishes a new set of rules designed to give people more control over their data.

Think about how much of “you” is online.  Things like who you associate with, which songs you like, who your friends are.  While that may seem rather mundane, the list also includes your name, address, credit card numbers, the purchases you’ve made, what you paid for your house, your driving record – the list is endless.  The amount of data that Google, Facebook, and advertisers have collected to target you is almost mind-blowing.

The new GDPR rules go into effect in May 2018.  The biggest change is the right of individuals in the EU to request their data be deleted.  Any business that handles personal data about European citizens will have to comply, with significant fines for breaking the rules, or failing to follow them in a timely manner.  Fines can be as high as 4% of global revenues.

Failing to adequately protect from data breaches, failing to disclose breaches promptly, and allowing unauthorized disclosure of personal data can also result in fines and penalties.

It’s not just affecting the big online companies.  The Financial Times reports that financial services firms and companies that do business online, including medium-sized firms, will spend an average of $550,00 to ensure compliance by May.  For Fortune 500 companies, The Financial Times estimates they will spend a combined 7.8 billion dollars to comply.

It’s becoming tougher for companies that do business internationally. This year China enacted cyber security laws, which require any data relating to Chinese citizens to be stored on Chinese servers.  Russia has a similar law.

Here’s just some of what’s covered in the GDPR:

  1. Companies must maintain silos to prevent data from being used for any purpose other than the one for which it was gathered.
  2. Citizens will be able to ask whether (and what) data has been gathered, and companies must provide it to individuals.
  3. The “Right to be forgotten” means data must be deleted upon demand once it is no longer needed.
  4. Strict data protection rules to make data secure and prevent breaches.

If you want to get an idea of what data’s being kept about you, you can download a copy of your Facebook data by going to the General tab under Facebook settings.

“We collect the content and other information you provide when you use our Services, including when you sign up for an account, create or share, and message or communicate with others. This can include information in or about the content you provide, such as the location of a photo or the date a file was created. We also collect information about how you use our Services, such as the types of content you view or engage with or the frequency and duration of your activities.” – Facebook Terms of Service

You can check out just a sampling of the data Google keeps on you by going here and logging into a Google or Gmail account.

Here’s what Google says it collects.

There are no such rules or regulations in the U.S.  As marketers continue to gather data, and marry things like online advertising tracking, credit card purchases, and location data from your smartphone, privacy continues to take a hit.

Here are some of the previous articles I’ve written about online privacy (or lack thereof) in case you can’t fall asleep and want something to help:

 
