#EuropeanUnion’sGeneralDataProtectionRegulation, #(GPDR), #DavidMartinRuiz; #KirstenThompson
May 26, (Canadian-Media): European Union’s General Data Protection Regulation (GPDR), which came into effect on Friday, as a defining moment for the digital economy, are a complex set of laws, said Data-privacy advocates, which empowers users more control over their personal information and check Big Tech companies to track users across the web, media reports said.
EU GDPR Institute. Image credit: Facebook page
But others warn that the rules would reportedly would help social-media giants Facebook and Google to consolidate their digital power even further.
Privacy critics said GDPR also required companies to get consent from users before they gather their data and also explain them in plain language what they plan to do with that information.
The GDPR had thus made it harder for companies to collect personal data, such as names and e-mail addresses, to browser cookies, IP addresses and location information.
The new law can fine companies up to 4 percent of global revenues, or €20-million ($30-million), for the most serious privacy breaches.
Companies must also notify authorities of a data breach within 72 hours.
“There is no doubt for us that the GDPR is a game-changer, and that it will require companies to change their mindset and put the privacy of their users first,” said David Martin Ruiz, senior legal officer for the European Consumer Organisation, an umbrella group of consumer watchdogs.
While the GDPR only applies in the 28 EU member states, the laws have implications for any company that collects data on European residents, even if they are headquartered abroad.
Foreign companies that offer services or collect data on users in the EU who don’t comply with the new laws could potentially face the same steep financial penalties as businesses based in Europe.
Canadians clients failed to understand what the rules meant for them.
Much of the public attention has focused on tech companies, but the law applies to a wide array of firms that operate in Europe. “I have everything from regulated professional colleges, right through to construction companies,” Kirsten Thompson, a lawyer with McCarthy Tétrault who specializes in data issues said.
Some Canadian firms wrongly assumed they were outside the reach of the European laws, she said.
Canadians believed that existing federal privacy laws were already in line with some aspects of the GDPR.
But the federal government would reportedly have to overhaul its legislation to avoid Canadians firms blocked from accessing customers in Europe.
“One of the criticisms of GDPR is it imposes another state’s laws outside its own borders,” Ms. Thompson said. “I expect there will be litigation around that.”