In the United States, consumer privacy rules are not as strong as they are in other areas of the world. Recently, the U.S. Congress voted to overturn a pending regulation that would require Internet service providers (ISPs) to obtain people’s permission before selling their data about them. President Trump then signed the rollback.
“The reversal is a victory for ISPs, which have argued that the regulation would put them at a disadvantage compared with so-called edge providers, like Google and Facebook. Those firms are regulated by the Federal Trade Commission and face less stringent requirements. ISPs collect huge amounts of data on the Web sites people visit, including medical, financial, and other personal information. The FCC regulation would have required ISPs to ask permission before selling that information to advertisers and others, a so-called opt-in provision.”
In contrast to the U.S. approach to privacy, Europe has a sweeping new regulation that will take effect in May 2018. It will have an impact on companies based anywhere, including the United States.
Brian Wallace, writing for CMS Wire, describes the General Data Protection Rule (GDPR), thusly. Be sure to read the material highlighted:
“The European Parliament passed the General Data Protection Rule (GDPR) in April 2016. The law is one of the most sweeping privacy laws protecting citizens ever to be put on the books, and is scheduled to take effect on May 25, 2018. One of the most misunderstood things about this law is that it covers EU citizen data, no matter which country the company using it is located. This means that any company in the world that stores EU citizen protected data has less than a year to come into compliance with the GDPR.“
According to the GDPR’s Web site, “The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy, and to reshape the way organizations across the region approach data privacy. The GDPR protects personal data and sensitive personal data. This includes: sensitive data: name, location, identification numbers, IP address, cookies, RFID info; and sensitive personal data: health data, genetic data, biometric data, racial or ethnic data, political opinions, and sexual orientation.“
Take a look at the following infographic from Digital Guardian to learn more! Click the image for a larger version.