Over the past years we’ve heard tech gurus and IT-people talk (immensely) about the power of big data. Allowing companies, brands and associations to target customers more precisely than ever, data is hugely beneficial, but also raises questions regarding ethics and privacy. GDPR is the European Union’s answer to the problem, but what are we exactly talking about?

What is GDPR?

GDPR (General Data Protection Regulation 2016/679) is the result of a four-year long journey the EU started in 2014. This law aims to give more control and increased protection to citizens regarding their data and create a list of uniformed rules across the European Union. The current legislation in most countries is outdated and was passed before the actual internet boom (the current EU legislation is the “EU Data Protection Directive” 95/46 – which was adopted in 1995).

When will GDPR come into effect?

May 25th 2018 will be the big day for data protection across Europe as the GDPR will be enforced in all countries part of the European Union (this applies to the United Kingdom too).


Why is it so important to businesses?

GDPR will have an impact on every sector of the economy and will bring substantial changes to the way businesses work. All businesses across the globe will have to modify policies in order to comply with the new regulation. Even though it’s a long way to adherence and compliance, this is also an opportunity for businesses to show their targeted audiences that they care about their privacy and are responsible regarding this topic.

What about the consumer?

Generally speaking, most consumers probably won’t notice the difference, even though, with time, they might see some changes in the way companies communicate with them: more transparency on how data is collected and a better understanding on how it’s processed. Furthermore, this will allow for bad eggs to be exposed and large fines to be distributed to those who don’t respect the regulation.

In the end, as long as businesses see this regulation as an opportunity to improve their corporate image and the way they handle their clients’/customers’ data then it shouldn’t be too difficult. In a way, even the largest controllers and processors have data of their own they want to see protected, so this should be a win-win for everyone.