On May 25, 2018, the European Union’s new General Data Protection Regulations (GDPR) will go into effect. The GDPR laws are the result of years of lawmakers’ efforts to create a system that is prepared to protect consumers’ privacy and information against the data breaches and security threats that have been steadily increasing across the web.
To help you make sure you’re ready for the changes GDPR will bring, this week’s installment of XYZ’s Internet “How-to’s” is all about GDPR: what GDPR is, why GDPR matters, and how you can prepare for GDPR’s implementation.
GDPR is the EU’s set of rules and regulations that are designed to protect EU consumers online from identity theft, invasion of privacy, and leaks of personal data into the hands of malicious actors online. The GDPR provisions regulate organizations or businesses that collect, transfer or process consumer information online, especially sensitive information like names, addresses, credit card numbers, and more.
GDPR regulations ensure consumers’ data remains safe by placing legal obligations on any business or organization online that handles that information. These obligations include things like making sure the organization keeps records on how it processes data, and even harsh legal penalties for organizations that are subjects of data breaches.
If you’re a business owner with a client base in the EU, you must prepare to abide by the new laws before May 25 or be subject to fines. The number one priority you should have is to get in compliance with the laws, if you haven’t already. You should also prepare your organization’s data collection methods and data storage systems. Send your consumers opt-in privacy notifications and tell them how you will protect their data.
Most importantly, invest in the cybersecurity of your company. There are many cybersecurity best practice guides available online, but if you need to look further and enlist outside help via a cyber protection service, don’t hesitate to do so.
As an individual preparing for GDPR, your main concern should be to take note of the opt-ins that you receive from companies who have your information online and make sure that you approve of how they will be handling your information. If you don’t feel comfortable with the measures they are taking, it is your right to opt out and have your information removed from that company’s database.
Be careful, though, when completing privacy opt-ins. Since many companies are sending these privacy opt-ins via email, scammers and fraudulent agents are seizing this time of increased security opt-in emails to pose as companies or organizations and trick consumers into giving over their personal data. Remember, a legitimate company sending a privacy opt-in will NEVER ask for personal information like your name, address, or credit card number. You should also check the email address you received the opt-in from, and make sure it matches the company or organization’s website.
Security is of the utmost importance online, so consider protecting your domains by adding registrar locks on them. This will give you an added layer of control over your domain and ensure it is not taken and does not fall into the wrong hands.
Similarly, you should also consider adding two-factor authentication on your domains. This will ensure that you are notified any time someone is trying to access your domain name, and you can detect suspicious behavior right when it happens and keep your domains safe.
GDPR is set to have a far-reaching effect on the internet, but if you follow this guide you will be knowledgeable about the coming changes and ensure you are prepared for them. Be sure to read our past “How-to” posts if you’ve missed any, and stay up to date on all things XYZ by following us on Instagram. We’ll be back next week with another internet “How-to”, so be sure to stay tuned to our blog for more!
*Nothing in this blog post constitutes legal advice.