Emma Ann HughesMay 18 2018

Why GDPR fun has only just begun

twitter-iconfacebook-iconlinkedin-iconmail-iconprint-icon
Search supported by
comment-speech

General Data Protection Regulation comes into force on 25 May. 

This regulation represents one of the biggest changes to data protection rules in two decades in the UK. 

No longer is it OK to simply gather, skim, save and share indefinitely data on how many cigarettes you smoked (supermarkets with their loyalty cards), relationships that have failed (social media) and how many times you listened to the Tweets' ‘Birdy Song’ (music streaming sites).

The European Union’s GDPR website explains that the legislation is designed to harmonise data privacy laws across Europe and give greater protection and rights to individuals. 

This means that all businesses that hold and process personal information must have proper processes and policies in place for handling this type of data from Friday.

The size of fines potentially levied under GDPR rules for failing to make sure you are sensitively handling data from Friday onwards is up to 4 per cent of global turnover for large businesses.

There is no long stop and you don’t want to be left liable for paying a compensation bill.

This has brought this regulation to the attention of board members and filled my email inbox with messages stating: “You currently receive our emails about our latest news, events and case studies and we want you to continue to benefit from receiving these. 

“In order to stay ahead of the curve with this information in your inbox, you need to opt in to receive emails from us.” 

If I receive one more of these emails I am sure I will scream.

Ultimately while the deadline is nigh, really the hard work of the General Data Protection Regulation has only just begun.

In the days ahead it will be interesting to see how many of you receive requests for data erasure and how you go about challenging these demands given that there is no long stop and you don’t want to be left liable for paying a compensation bill.

Also, I would say it is vital you monitor that just because someone didn’t opt-in to receive your email or text message, this doesn't necessarily mean they were happy to stop receiving it.

emma.hughes@ft.com