We've had two years to prepare. Our inboxes are flooded with privacy policies and the quality of office lunchtime chat has dropped significantly over the past week – "Omg how sick are you of these GDPR emails?!" "Crap, we haven't sent ours out yet. When's the deadline again?"
The day is finally here – it's General Data Protection Regulation Day, and we're just glad it's over... except it's really just beginning.
What it means: Cheesy movie trailer tone aside, GDPR is actually a really important regulation, and with all the talk of 'big data' we've been hearing, a pretty timely one too.
It's designed to protect our rights as consumers. Basically, the more a company knows about you, the easier it is to sell you stuff – from where you live, to what music you like, to what your political views are. So companies have been doing everything they can to collect as much data as possible on their customers and potential customers – and the EU thinks it's gone too far.
As of today, companies will no longer be allowed to offer premium services in exchange for more data (e.g. 'give us your email address for 10 free songs on our streaming service'), and they'll need your explicit consent to save and use the data you give them. If you decide you don't want them to have it anymore, they've got to comply and delete it from their servers.
If they don't comply, they could be fined up to 4% of annual turnover – for a company like Amazon, that'd be $7 billion, or two years of profit. Considering that recent surveys showed a quarter of businesses in London didn't actually know what GDPR was just a few months ago, we're thinking there'll be a lot of people working late in the office tonight...
