Data Protection and GDPR

Do you know how your data is being used?

The most important thing an individual can do to understand how their data is used is to limit the information they provide. People by nature desire to be helpful. They click and respond quickly without a thought. Stop and think before you click.

If all of the information is truly required, read the sites Privacy Policy carefully.  GDPR compliant companies are now required to provide details of what they collect, the purpose, and the ability to “Opt Out.”  When in doubt, you have the right to request that your personal information be purged from their systems.

How can you limit the amount of data social media companies collect about you?

Again, stop and think before you voluntarily provide any information. Is it truly necessary to disclose where you live, your sex, your eye color, your birthday, etc.  In most cases, absolutely not. If your goal is to limit the amount of your personal data on social media, make the decision up front to keep it private. The use of disposable email addresses and screen names is a great place to start.

Most GDPR coverage focuses on businesses and their restrictions, but what does it mean for the individual?

Individuals now have a choice of what they provide to a business and how it is used. Take advantage of the Privacy Policy disclosure and “Opt Out” options, as needed. GDPR is not a perfect solution, but the fines for non-compliance are steep. Your data is likely “safer” than it has ever been since these companies no longer can freely and recklessly store and share your personal data.  

Companies required to comply with GDPR are forced to implement controls that in the past, were too expensive to consider. With new fines of up to 4 percent of annual worldwide turnover or 24 million dollars (whichever is greater), the cost of the risk is now far more than the cost of implementing the controls. This translates into greater protection for the users.

What should everyone know about GDPR?

Although GDPR was created for the protection of EU users only, the improvements that companies were forced to implement have a global benefit since most controls protect the entire environment and not just EU specific users.  

The deadline for compliance is now upon us, but the controls and processes are not mature or effectively tested. It may be years before we learn the true benefits and effectiveness of the new protections that have been put in place.

Continue to be cautious with everything you choose to provide on the web or any form of media. GDPR is not a silver bullet.