These days, companies use data to create enticing offerings and deliver quality services. Whether at the research stage or the feedback stage, companies try to gather as much information as they can from their prospective or existing customer base. In some cases, the data collected is personal, such as customers’ personal details, contact information, home addresses, or, in the case of government and official databases, even social security numbers and banking details. In a world that is now powered by data, it becomes more and more important to ensure safety regulation and to assure customers that their data is safe and will not be misused.
The European Union has announced the General Data Protection Regulation (GDPR). The GDPR is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union. It sets out principles for data management and the rights of individuals, while imposing fines. The GDPR covers all companies that deal with the data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. The regulation will come into effect across the EU on May 25, 2018.
The EU-US Privacy Shield agreement was imposed last year amid concerns of snooping by U.S. intelligence agencies on global data managed by U.S. companies. EU Justice Commissioner Vera Jourova said Wednesday that “the Privacy Shield works well, but there is some room for improving its implementation.” The EU said it will be looking for better monitoring by the U.S. authorities of their companies' compliance, and it is seeking to raise awareness among EU citizens of how to better defend their privacy rights.