General Data Protection Regulation (GDPR) – A gift from European Union
Written By: Shilpa Chaudhury
We live in a world, where we give our personal to very sensitive personal data on various online platforms. However, when we give away such data, we live under the veil that our data is used only for socializing purpose or for the purpose we have provided the data to these Companies. What we do not understand is that, our personal to very sensitive personal data are being compromised every second by some tech giant, to get the big money. The recent Facebook- Cambridge Analytica Scandal, has made it very clear that our data are being compromised every day. So, is there any way out or are we supposed to delete all the information that we have given on social media or any online platform.
We would like to highlight some of the provisions of GDPR which has sent the big Companies into frenzy. GDPR is the highest form of protection that is being provided to “Personal Data”. GDPR protects the data of the EU citizen, EU also recognizes that data can travel anywhere, so the protection to this data of EU citizens will be provided in any place where there data travels. GDPR also applies on the Companies which process data of EU citizens.
The person whose data is being taken is known as “Data Subject” under GDPR and the Company taking the data is known as “Data Processor”. Any breach or contravention to these rules will cost the companies penalty of up to 20 million Euro. The consent of the Data Subject is necessary, and the purpose for which the consent is being taken should be specified. The duration for which the data will be stored and if there is any third party transfer of the data, these information also should be provided to the Data Subject. The Data Processor, must notify the Data subject, about a Data breach that is likely to appear. This information must be provided within 72 hours of its discovery. Data processor is entitled to notify the Data subject about the data breach after first becoming aware of the data breach. Under GDPR, the Data Subject also has the right to be forgotten. For the protection of Children, GDPR includes parental consent for Children upto age of 16.
By making a regulation like this European Union, has again proved that protection of personal data is of paramount importance. It also highlights European Union’s approach in “Consumer First” point of view. However, when it comes to personal data, it becomes the duty of the citizens to give these data after due consideration, since these data are very sensitive personal information, misuse of these data will have adverse effect on the consumers.
For more information regarding International IPR, Contact Lex Protector ')}