On the 25th May 2018 the General Data Protection Regulations (GDPR) will come into force. These regulations apply to any businesses globally that controls or processes personal information of an EU citizen.
How do we share data?
In the early days of the internet we were always told not to put personal information online as people will try to steal it. The fear was that criminals will impersonate you, use the information against you or make a run on your bank account. The scariest one of all was the risk you were taking if you physically met someone you spoke to online. Fast forward 20 years and although the risks haven’t changed, things are very different.
We now share our name/email/phone number with the majority of people we spend any time with. We are electronically connected at all times to work/family/friends that can see what we are doing, where we have been and what we had for dinner. We even marry people we meet online and give our fingerprints when we go on holiday.
Things aren’t much different in our professional lives. When we attend an interview we are often asked to bring proof of ID, proof of right to work, proof of address etc., for a job that you don’t even have yet. If you buy/sell property, you will probably be well aware of the personal information you have given to numerous different institutions as part of standard due diligence.
Why are these rules coming out now?
With the rapid evolution of technology, our existing data protection models are not serving us well. We are also seeing increases in cyber-attacks and systemised sophisticated hacking of data for financial gain, along with significant data breaches that have affected millions globally. One of the aims of the GDPR is to give back control of a person's privacy to the data subject (e.g. your employee, customer, prospect) and design a system that is “fit for the digital age”.