On May 25th the GDPR was expected to be implemented by every company which do business within the EU. Its implementation has caused quite the stir in online communities and people, as they got long emails or messages or pop-ups on their favourite website to give consent to many different aspects of their online use of the website. Many voices are heard (or rather read) which blames GDPR that they steal their data or invade the privacy of every online user. Not to mention other organisations which holds personal data like post services, banks or estate agencies.
Is it true that GDPR steals our data? Is it true that it invades our privacy? Here are the most often heard misconceptions about GDPR and their proper explanations in layman’s terms:
Misconception: GDPR is invading our privacy, want to control our data.
GDPR stands for General Data Protection Regulation. In its very name states that it is meant to protect private personal data and information, and it its one of the most advanced data protection law ever conceived. It covers most aspects how to be transparent and how to ask clearly and understandably what data you provide to the company you dealing with. Do you skip the small lettered and many time long and unintelligible Terms and Conditions pop ups? 90% of the people do so. These legal gibberish are actually contracts which you digitally sign to access the service you wish to use. GDPR actually enforces companies to make them as plain and understandable as possible. It is in fact protects the user not companies. GDPR never requests data: quite the opposite in fact, it enforces companies to minimise data collection.
Misconception: GDPR wants to make non-European business a disadvantage
GDPR is enforced all companies, institutions, organisations which
Founded in the states of the EU
Operates within the border of the EU
Collects data from any private persons who is registered to live within the borders of the EU
In other words, if you live in London for example no matter that you are shop in an e-commerce website from Italy, Ireland, US or China the website has to oblige to the GDPR. If you live in the US as an EU citizen and buy something on a US website it has no obligation to the GDPR. It doesn’t give any extra advantages to European businesses, as it is covering all businesses within the EU borders. If you want to collect data in the EU, you have to oblige. Simple as that.
Misconception: GDPR is the new Net Neutrality attack by the EU
GDPR has nothing to do with internet usage. It has everything to do with data collection. The EU was one of the first state which laid in law to provide equal access to internet to every one of their citizens. Net neutrality is the default position in the EU.
GDPR causes problems to only those, who collect data from private persons without their consent or knowledge. This is not true for an other state in the world. If you will see any change, it will be lot less spam and lot less data leak. (The only one who recklessly and carelessly gives access to your data will be you, you know those Terms and conditions and Consent buttons.)
Misconception: GDPR helps the EU monitor the companies and customers online activities
The EU doesn’t monitor anything. Companies have to comply with the law. And when a company breaks a law they will be punished accordingly. The recent years’ data leaks led to the harsher regulations as scammers and shady organizations did not had to follow tight regulations regarding data handling. The latest scandal at Facebook is a typical example of this, as out of the 54 million users 24% was European citizen. The EU tries to stop these data leaks. None will watch the online activities as it would be not only very expensive, but almost impossible too. The legal background will make these leaks much more clear cut, and the punishment of careless data handling harsher.
Misconception: GDPR is anti-business and anti-capitalist
In a point of view it is. It protects private persons. It enforces business entities to behave fair and transparent. As every citizen has to pay a parking fine if they park in when they are not supposed to GDPR is a law for responsible data handling. Those, who handles data without expressed consent pays the fine (a lot).
Misconception: GDPR is a new form of taxation
In the latest EU calculations their income from fines and enforcement will increase the EU budget by 0.00000003%. Go figure. They would be better off, just to create internet tax of 1%...
Misconception: GDPR is against the international conventions because it is enforced all over the world
The GDPR is enforced only within EU borders. As the internet has no technically borders, GDPR defined EU by their private citizens and residents. It is enforced to only those companies who want to conduct business with EU residents and citizens. It is not enforced on US or Japanese residents. It is enforced on US or Japanese companies want to do business with EU residents.
From May 25th within the EU private persons have a lot safer environment to surf the net. The only person who they can be blamed to give away data is themselves (companies will be punished).