The GDPR, or General Data Protection Regulation, is a set of privacy laws passed in the European Union concerning corporations’ collection of personal data. The regulations are considered by many to be the greatest change in contemporary data use policies in the EU in a decade.
The GDPR creates, compared to current regulations, stringent laws designed to protect individual citizens. The new guidelines emphasize transparent practices. Under the GDPR, citizens have clear rights to access data collected about them. Among the droves of new directives, there are are also mandates for companies to retrieve consent from users about data collection, and fines corporations will face if they don’t appropriately comply.
The GDPR is a significant change to the internet landscape, which has operated for many years with little regulation regarding data collection or oversight. In order to properly comply with the new guidelines, many companies had to make considerable overhauls to their existing policies.
While the GDPR is an EU law, it affects any company with users within the EU, which prompted many global platforms like Facebook, Google and Twitter to announce changes to their privacy deadlines before the May 25 enforcement deadline. In this way, the law has already affected American citizens, even though it does not make any legal changes to US Data collection policy — essentially, American users will benefit from European countries taking a stronger stance on privacy and personal data collection.
Without that context, you may have scrolled idly through whatever update popped up on your email or social media platform without taking note of the details and how policy changes will actually affect the user experience. To give you an idea at the kind of shifts you can expect, we’ve compiled some of the major changes announced by commonly used sites Google, Facebook and Twitter below.
While the layout process of Facebook’s policy changes has been criticized as encouraging users to keep security settings lax, the platform has announced certain changes before the compliance deadline for GDPR. The site now asks users to agree to new terms of service, and if they want to share personal information such as political affiliations and relationship status. Facebook also gives users an option to opt out of giving companies your external web activity to serve you targeted ads. The GDPR also reinstates the optional use of facial recognition, and updates parental controls.
Twitter also has increased transparency regarding personal data collection. They rolled out a notice with an updated, more clear policy in plain language that explains data collection practices. With the new update, they also offer users a chart which spells out the legality of collected data. Users are pushed to different sections of personal settings, which allow them to adjust and personalize data collection preferences. In the Twitter settings section regarding data, users have the option to opt out of personalized ads, as well as prevent sharing of personal data with Twitter’s partners.
Of course, these three examples are just scratching the surface of what the GDPR has already forced companies to do. While websites work to get up to speed on complying with the regulations, it’s possible you’ve already received dozens of new privacy updates. If you were alarmed, don’t be — this is a good thing.