This is a significant update for anyone in the EU with a smartphone, computer, tablet, smartwatch, linked home alarm system, or any other connected device (via the IoT, or internet of things), because it means new and better privacy regulations for everyone.
While the GDPR is meant to help the general public, most people don’t even know what those letters stand for, how it is going to affect their privacy, and what the regulations are all about. However, there is a much simpler solution that sometimes gets overlooked. Here’s everything you need to know about the EU’s GDPR and why you don’t really need to know anything about it after all.
What Exactly is GDPR?
To begin with, let’s explain exactly what the GDPR is and what it’s meant to do. The GDPR, or the General Data Protection Regulation, is a body of laws that dictates what private data can and cannot be used for, how it can be collected, and what is even allowed to be collected. The primary objective of this new regulation is to protect the privacy and safety of the general public, and the biggest area of concern for these rules is the internet. As people crave more convenience and instantaneous reactions online, they unwittingly hand over sensitive information such as credit card numbers, home addresses, and social security numbers without even realizing it. The GDPR is meant to protect people by regulating who, what, where, when, and how this information is gathered, saved, used, and shared. In short, the GDPR is what prevents just about any internet-connected body from gathering all of the private data available about you and putting together a startlingly personal (and dangerous) file with your name on it.
The new regulation is not just a “friendly suggestion,” as was the previous Data Protection Directive. Instead, the GDPR is a full-fledged law and violators will be prosecuted.
What GDPR Means for Users
Many of us will still remember the sting of having a once-sacred haven of safety breached. When tens of millions of Facebook accounts were hijacked to create psychological profiles in an attempt to sway the presidential election, members were appalled. What’s more, it left a huge question about internet privacy and how, or whether at all, people’s information was being protected. Don’t be too hard on Facebook, though; there are so many other big names that have been involved in privacy breaches and scandals over the past few years as well, including Hotmail, Sony, HealthNet, Target, Disney, and General Motors.
The GDPR is good news for users in general, though. According to the new GDPR, data collection covers any information that identifies the person, directly or indirectly. So, that could mean anything from bank account details (very directly) to a screen name or IP address (indirectly). Here are a few key points you’ll be happy to hear about:
Anyone collecting data will now have to clearly state exactly what it is they are collecting, why they are collecting it, and what they intend to do with the data they’ve collected.
Easy to Withdraw Consent
Unlike traditional forms that relied on legal loopholes to frustrate people into giving up on withdrawing their consent, companies must now make it easy for people to withdraw their consent if they change their mind.
Companies that breach this agreement can face fines of as much as 2%-4% of their gross annual revenue. Unfortunately, the fine is capped at 20 million Euros, so larger corporations can likely get away with a lot more without feeling the consequences.
Companies have 72 hours to notify the public of an information breach. It is hoped that this will prevent zero-day attacks from spreading further and causing maximum damage.
What Do We Not Know About GDPR?
So, the EU GDPR is a great step in the right direction for better public data privacy and safety, but it is far from foolproof. There is a lot of controversy surrounding the new laws and just as much confusion. For one thing, you can expect to find untold issues arising from having a DPO (data protection officer) in one region that is in control of several other regions. Just the language barrier alone could cause enough problems to make your head spin. Add to that the various sub-laws and regional disputes that will arise, and you have a tremendous headache from the start.
Additionally, requiring companies to hand over any collected data to any citizen who requests it (data collected about themselves of course) is a recipe for disaster, giving the general public carte blanche to run companies into the ground trying to keep up with such requests. Finally, all of the regulations, cross-border disputes, legalese, and conformity checks will have most businesses tied up in red tape indefinitely, making the normal business flow come to a screeching halt.
How to Benefit from the GDPR from Outside of the EU
Most readers will probably have a question at this point. The GDPR governs only countries within the European Union (though the UK plans to roll out a similar privacy law structure imminently as well). So, what about people from outside of the EU? Are we left stranded without anything to protect us? On the contrary, there is a laughably simple solution that makes you wonder what all the fuss about the GDPR is anyway.
A VPN is a quick, easy, and inexpensive way to hide all of your information whenever you connect to the internet. With a service like ExpressVPN or NordVPN, you can use all aspects of the web with total anonymity.
Why a VPN is Good to Use Even Within the EU
Truthfully, even if you’re living in the EU, a VPN is helpful and a smart idea. The GDPR is a good start toward protecting the public’s privacy, but it isn’t as foolproof as it should be. After all, if a company wants to collect your data or misuse it, they still have the ability to do so. When you use a VPN, however, the information is protected behind a virtual barrier, so nobody can see, read, or collect your data, even if they wanted to.
Other Benefits of a VPN
As an aside, a VPN is helpful for several reasons other than protecting your data from being collected. In fact, people use VPNs every day to:
- Get around pesky geo-restrictions. These are internet blocks that won’t allow you to access certain sites or web content from specific areas. For example, if you can’t reach your Netflix account when you’re in Hong Kong, it’s because of the geo-restrictions. A simple VPN will let you log in without a second thought.
- Check your Facebook account at work when site-blocking in the office would otherwise stop you.
- Hide your identity when visiting questionable sites. Sometimes you may just want to remain anonymous, and a VPN is the perfect way to do it.
- Share files privately. This could mean sensitive work data or just pictures of your vacation that you don’t want the world to see.
- Protect your information while using a public hotspot. Free WiFi is too tempting to pass up, but it’s a gateway for hackers and con artists to steal your information. A VPN is a simple solution that keeps your data safe even while you surf those choppy waters.
- Keep marketers, government agencies, and pollers at bay. Nobody has a right to your private information; that is the crux of the GDPR. When a VPN is running, you don’t have to worry about anyone collecting your data at all.
What to Make of the GDPR
In short, the EU GDPR can help protect public privacy, but it is going to take years to iron out all of the wrinkles in this plan. And by then, it is likely that the entire face of the internet will have changed and new reforms will be necessary. Alternatively, VPNs have been around for almost as long as the internet has, and they’re not going anywhere. Check out one of these reliable services to get your data protected and yourself surfing the internet safely and anonymously today.