In May 2018, the General Data Protection Regulation of the European Union (GDPR) came into force to improve the protection of personal data. The new General Data Protection Regulation is a before and after in the rights of citizens with respect to the government of personal data and privacy of citizens.
GDPR have made possible customers to work more personally with data centers by asking more about where their information is stored. The EU wants to give companies a simpler and clearer legal environment to operate, making the compliance with data protection law identical across the single market.
Some personal data may include information of great value to citizens and reuse companies, but its open publication may threaten user privacy. According to GDPR, European citizens must give their “clear and explicit” consent for the processing of their data. Therefore, no personal data can be published for reuse without the consent of the affected party or parties.
Let’s read how GDPR effect data privacy
According to GDPR, personal data is any information that serves to identify a natural person. With GDPR a professional email, an IP address or the information captured by cookies on a website are personal data.
The GDPR places greater emphasis on the documentation that data controllers must process to demonstrate their responsibility. Compliance with all applicable areas will require online companies to re-evaluate their organisational approach and how to manage data protection as a corporate problem.
Users will have the right to have companies delete their data from their internal records if so requested. The latter is one of the major concerns that companies must bear in mind.
As of the entry into force of the GDPR, when a client gives his consent to store and process his personal data, a complete record of how and when that consent was given should be kept, and that consent must be explicit, not inferred. Furthermore, as consumers can also withdraw consent at any time, the new regulations now involve immediate action.
When collecting personal data from minors based on consent, for example to use a social network or for a content download account, parental authorisation must first be obtained, for example by sending a notification to the parent or guardian. The age up to which a person is considered minor varies according to the country of residence, but is between 13 and 16 years of age.
In the current context, privacy is an unavoidable concern when it comes to open data. To make sure regulatory compliance, it is important to regulate and monitor data flows.