The general data protection rules (GDPR) is currently buzzing around the internet. There are mixed feelings about what GDPR means to organizations and individuals around the globe. My opinion is that GDPR will help to clean up some dirt that has accumulated and is still accumulating on the internet. European Union is just facing the fact that the internet has reshaped human lives, institutional regulations, and even cultural settings. Internet commerce and social networks swooped on the human race like a big joke. Is the effect of the internet on the human race a joke? Many state governments for sure did not take the internet serious. In fairness, nobody knew the depth of what it will bring. Even as at now no one is sure of what the future holds, even as it trashes business processes, principles and societal values. GDPR is here to try to clean up internet activities as it relates to managing and sharing personal information of users. Critics think that it is too sudden, but read the timelines below.
- Oct 1995: GDPR predecessor The Data Protection Directive (95/46/EC) is adopted
- Oct 1998: The Data Protection Directive is enforced
- Jan 2012: GDPR draft proposal is released
- Mar 2012: Article 29 Working Party releases opinion
- Oct 2013: European Commission’s LIBE Committee backs new rules
- Mar 2014: European Parliament votes to support GDPR
- Dec 2015: Trilogue reaches agreement to put forward reform
- Apr 2016: GDPR is adopted by the European Parliament and the Council of the European Union
- May 2018: GDPR is enforced
Irrespective of the size of your business, it will be good to ask questions about what you need to do become compliant. Even if you just a hobbyist blogger, you may be affected if you collect and process personal information. There is a need to review the terms and conditions of your site. Contrary to the news circulating on the internet, your legal departments are not the only ones that have work to do for GDPR compliance. Every aspect of an organization will need to be appraised. Business processes may need to be revised to ensure continuous compliance with the GDPR requirements. GDPR came to the European Union, but the borderless state of the internet made it imperative that every online service provider should review how personal information is collected, stored and managed.