Rava is an online news portal providing recent news, editorials, opinions and advice on day to day happenings in Pakistan.
It is possible that the last few days you have received dozens of emails with “important notices”, “policy review” or “privacy updates”.
It also may be that when accessing a web page you have seen a notice at the top of the screen informing you that they will execute a new use of your data.
Why are there so many warnings? The answer is in four letters: GDPR.
It stands in the General Data Protection Regulation , which in Spanish translates as General Data Protection Regulation and which comes into force this May 25 in Europe.
It is a new law that sets the European Union in motion to set a series of protections for Internet users.
Google Twitter, Facebook, Spotify, Apple, Amazon or Microsoft are some of them, as well as numerous online stores , banks and firms from around the world that work in the region.
Because right now?
Although the law came into force in May 2016, it is now when it will be enforced. That is why we are receiving emails these days: companies have an obligation to notify.
If they do not, they face fines of up to US $ 20 million.
The recent Facebook controversy over the Cambridge Analytica leak, together with growing concerns around privacy around the world, has increased the pressure on companies and regulators to take measures to defend and guarantee the rights of Internet users. in front of the business interests.
The regulation will replace that of each country that is part of the European Union, updating standards that have not been revised since 1995 , when the use of the internet was not yet as widespread as it is now.
And many companies will apply the rules worldwide, not only because they offer more guarantees for the user, but because it is much easier to apply a single regulation.
Most companies that offer services on the internet have to justify how and why they use and store your data, from social networks to the airline with which you buy your plane tickets or the online newspaper to which you are subscribed.
It is what is called the “right of access” of that company to your information.
Companies need your explicit consent to handle that information.
The idea is that this consent is obtained through a declaration, that is, a “clear affirmative action”. For example, by checking a box to let you know that you agree or through an electronic signature.
That action is necessary for the following:
- Treatment of “sensitive personal data” : racial origin, political opinions, biometric data, sexual orientation, your photo, email, bank details, medical information …
- Automated decisions and profiling : often used for commercial purposes, such as personalized advertising.
- International transfers : they should inform you about the risks you assume when doing so.
What is translated?
One of the effects of the new European regulation is that from now on users can demand to know clearly and explicitly what data companies have about them and request that all or some of them be eliminated if they wish.
It also allows users to be more informed when there is a hack or receive what the company collects about them to have a more direct management of their own data or to move them to another entity more easily ( “right to portability “).
This has a lot to do with the recognition of the so-called “right to be forgotten”and the privacy of people in the network.
But, on the other hand, although the new law protects Internet users, it does not limit the amount of information that companies can obtain about them.
The regulation has 119 pages that, if you wish, you can consult here: