Across the United States and Europe, the act of clicking “I have read and agree” to terms of service is the central legitimating device for global tech platforms’ data-driven activities. In the European Union, the General Data Protection Regulation has recently come into force, introducing stringent new criteria for consent and stronger protections for individuals. Yet the entrenched long-term focus on users’ control and consent fails to protect consumers who face increasingly intrusive data collection practices.
Latest in GDPR
Since it took effect in 2018, the General Data Protection Regulation (GDPR) has become one of the toughest data privacy regimes in the world.
There’s a lot going on in the privacy and data protection world. But one of the most pressing issues is the uncertain fate of Privacy Shield, the framework governing the flow of data between the EU and the U.S. for commercial purposes.
May 25 is an important day. The shroud of uncertainty surrounding the General Data Protection Regulation implementation this Friday smacks of Y2K thrill. What is in store for us in a post-GDPR world?
First off, no, the GDPR is not the new and improved version of East Germany. It’s the new and improved version of the European Union’s EU-wide ambitious privacy regulations and a perpetuation of classic EU privacy values. It’s a very big deal not just for European companies but also for U.S. companies that do business in Europe.
On May 25, the European General Data Protection Regulation becomes law in all EU member states, repealing and replacing the EU Data Protection Directive. The GDPR aims to harmonize data-protection standards for digital personal data across Europe. However, while companies and regulators are scrambling to comply with the regulations by this date, this week is hardly the finish line.