GDPR: European tech firms struggle with new data protection law

Smaller organisations and companies are finding it difficult to meet the demands of the new law and face hefty fines if they get it wrong.

    The European Union has introduced sweeping new legislation to protect the privacy of its citizens.

    Known as GDPR - General Data Protection Regulation - it requires all entities to protect the personal data of all EU residents.

    European legislators have hailed the GDPR as ushering a new era in data privacy regulations, setting the stage for new standards in the wake of the recent Cambridge Analytica scandal and its harvesting of Facebook user data.

    Tech companies will be held accountable if they fail to live up to their responsibilities and could be fined up to four percent of annual global turnover if they breach the strict new data policy.  

    New rules

    Companies had until Friday to comply with the new rules, under which they must clearly ask for consumer's consent to harvest data, so they have to actively "opt-in" and be informed how their data is being used and for what purpose.


    Users who no longer want their personal data processed have the right to be forgotten and have their data deleted.

    Lobby groups and campaigners have broadly welcomed GDPR as a "reset button", calling it a wake-up call, for EU citizens to engage with some fundamental questions.

    "Do I really want to continue giving this company my data? Do I need to do that? Is it necessary for me?" said Julian Jaursch, of the Digital Society.

    "And to make a conscious attempt, or a conscious decision what data they share."

    But many companies are struggling to bring their operations to date.

    Susanne Dehmel, head of Legal & Security at Bitkom, Germany's digital association, said firms were concerned because they were not sure how to enforce the new regulations.

    "It is particularly worrying because you cannot be sure that you have implemented the rules the right way at the moment." 

    Earlier this week, Diego Naranjo, a senior policy adviser at European Digital Rights, said not enough had been done to educate and inform people about GDPR and its implications.

    "We've been telling the European Commission that such a change needs a proper campaign to tell people how their rights are going to be reinforced. We've seen a lot of misinformation by private companies who see their business model potentially affected by this regulation," said Naranjo.

    SOURCE: Al Jazeera News


    Interactive: How does your country vote at the UN?

    Interactive: How does your country vote at the UN?

    Explore how your country voted on global issues since 1946, as the world gears up for the 74th UN General Assembly.

    'We were forced out by the government soldiers'

    'We were forced out by the government soldiers'

    We dialled more than 35,000 random phone numbers to paint an accurate picture of displacement across South Sudan.

    Interactive: Plundering Cambodia's forests

    Interactive: Plundering Cambodia's forests

    Meet the man on a mission to take down Cambodia's timber tycoons and expose a rampant illegal cross-border trade.