General Data Protection Regulation (GDPR)
You may have noticed an influx of emails regarding privacy policies and terms of service updates. Companies everywhere are rushing to update their policies and be in compliant with the new General Data Protection Regulation (GDPR) regulation.
The GDPR is a new, European data privacy regulation that goes into effect May 25, 2018. The GDPR, which replaces the 1995 Data Protection Directive, is designed to strengthen and unify data protection for all citizens and residents in the European Union (EU). The GDPR will allow consumers greater protection and control over their personal data, including the right to be informed know how their data is being used, the right to know if the data is lost or stolen, and the right to rectification and to opt out of data collection.
Like many other institutions in the US, the University is in the process of preparing as well. The GDPR forces us to more closely examine the complexity of personal data beyond what we know it to be in the US. It is important for consumers to understand that this regulation provides additional important privacy rights and requires more explicit consent before collecting data. Preparation for the GDPR is happening globally and “behind the scenes” at most companies; resulting in the various policy updates in your inbox. While it is very early in the life cycle, GDPR is expected to re-shape the internet as we know it by changing the way data is collected.
To read more about the GDPR, please visit the GDPR Portal website.