{"id":454,"date":"2018-05-22T13:49:10","date_gmt":"2018-05-22T10:49:10","guid":{"rendered":"https:\/\/lasoft.org\/blog\/?p=454"},"modified":"2024-06-24T20:37:29","modified_gmt":"2024-06-24T17:37:29","slug":"general-data-protection-regulation","status":"publish","type":"post","link":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/","title":{"rendered":"What is general data protection regulation?"},"content":{"rendered":"

All our interactions with the Internet are about exchanging data. We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR). Let’s find out what it implies and how it may impact your work. <\/span><\/p>\n

What is GDPR?<\/span><\/h2>\n

As European Commission summarized, “the objective of this new set of rules is to give citizens back control over of their personal data, and to simplify the regulatory environment for business.” It’s believed that new regulations will help to boost digital economy<\/a> on the mutually beneficial terms for businesses and their customers.<\/span><\/p>\n

It had taken nearly four years (between 2012, when the proposal was released, and 2016, when the regulation entered into force) for general data protection regulation to become a part of our reality. However, de facto it\u2019s still not there since it will come into real effect on the 25th of May 25, 2018. \u00a0\u00a0<\/span><\/p>\n

The time between 2016 and 2018 was strategically given to companies and firms that work with data so they could fully apply new regulation to all of their work processes. Of course, not every company operates with such giant amounts of personal data as Google, Microsoft, Facebook, but almost every company deals with data. And for those companies that deal with the data of European citizens application of changes is inevitable.<\/span><\/p>\n

Now you may think, alright, it\u2019s going to be somehow different, but what is about now, how do possible violations work? Let me show it to you by the recent case of major data robbery that resulted in a worldwide impact.<\/span><\/p>\n

Cambridge Analytica case and thousands of others <\/span><\/h2>\n

In 2014, information about friends of nearly 270,000 users that passed personality tests (which turned into another number of almost 50 mln users) became accessible to such third-party as Cambridge Analytica. The latter is known as a company that provides political consulting services. The company is blamed for using this information for impacting U.S. elections in 2016. <\/span><\/p>\n

Christopher Wylie, who has worked with Cambridge Analytica, commented on this: <\/span><\/p>\n

We exploited Facebook to harvest millions of people\u2019s profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on.<\/span><\/i><\/p><\/blockquote>\n

However, this case is like a drop in the ocean because as it recently came up, app developers have had uncontrolled access to the data of the majority of Facebook users. Therefore, Cambridge Analytica is certainly a big case but far <\/span>not the only one of misusing information of Facebook users<\/span><\/a>.<\/span><\/p>\n

The thing is that all quizzes and games that you access from Facebook automatically receive your data, and the way it will be used after isn\u2019t controlled. In other words, external developers can use users\u2019 information for any purpose and in any way they want.<\/span><\/p>\n

What you need to know about general data protection regulation<\/span><\/h2>\n

General data protection regulation is supposed to become a tool for organizing the chaotic way of handling users\u2019 personal data and giving back privacy to them. The following are the most frequently asked questions about general data protection regulation, which I tried to answer in a brief and simple manner. <\/span><\/p>\n

What kind of data is regarded as personal?<\/b><\/h3>\n

The term \u201cpersonal data\u201d refers to any information about a user that can make them identifiable. It can be name, location, nationality, age, etc. Literally, all that makes you distinguishable and recognizable as You is your personal data. \u00a0\u00a0<\/span><\/p>\n

General data protection regulation admits using pseudonymization as a legal way of processing personal data. The idea is that users data is encrypted and the encryption key is stored separately. However, this approach shouldn\u2019t be overused as the data is still personal, though encrypted. <\/span><\/p>\n

What do users gain with general data protection regulation?<\/b><\/h3>\n

The main aim of general data protection regulation is to give users of digital devices more control over their personal data, which also includes the right to know how exactly their data is used. Recall Cambridge Analytica case and how insecure has been data processing by Facebook platform.<\/span><\/p>\n

What kind of businesses are to be affected by new regulation?<\/b><\/h3>\n

The focus businesses that match criteria of the new regulation are both EU businesses and those that are located outside EU with the main condition that they use personal data of EU citizens. Companies may want to deal with the information of EU citizens and all others in a different manner, which is possible, but not recommended since it may lead to a mess.<\/span><\/p>\n

How can businesses prepare themselves?<\/b><\/h3>\n

To prepare themselves, businesses may want to hire an external expert that can help with the process of transition to new rules. (However, it\u2019s not required, and company can train inner specialist to handle this work.) <\/span><\/p>\n

Such experts are called data protection officers (DPO). Although similar to the role of a compliance officer, DPO is supposed to have advanced knowledge of new policies of data protection and help organize the work of the company accordingly. <\/span><\/p>\n

What kind of threats may the regulation yield?<\/b><\/h3>\n

There\u2019s a tiered system of fines that will be applied to the companies that violate data protection regulation terms, which depends on how severe the case is. However, the maximum penalty is set, and it\u2019s 4% of the global annual turnover of the infringer. \u00a0\u00a0<\/span><\/p>\n

Conclusion<\/span><\/h2>\n

Regarding such cases as Cambridge Analytica and thousands of others that happened due to the uncontrolled way of dealing with users\u2019 personal information, general data protection regulation is definitely something that should have happened to our digital world.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"All our interactions with the Internet are about exchanging data. We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the…","protected":false},"author":3,"featured_media":458,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[229,99],"tags":[],"coauthors":[132],"class_list":["post-454","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-corporate-governance","category-security"],"yoast_head":"What is general data protection regulation?<\/title>\n<meta name=\"description\" content=\"We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is general data protection regulation?\" \/>\n<meta property=\"og:description\" content=\"We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/\" \/>\n<meta property=\"og:site_name\" content=\"Software Development Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/lasoftians\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-22T10:49:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-24T17:37:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Andriy Tatchyn\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@LaSoftAgency\" \/>\n<meta name=\"twitter:site\" content=\"@LaSoftAgency\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andriy Tatchyn\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>","yoast_head_json":{"title":"What is general data protection regulation?","description":"We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/","og_locale":"en_US","og_type":"article","og_title":"What is general data protection regulation?","og_description":"We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR).","og_url":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/","og_site_name":"Software Development Blog","article_publisher":"https:\/\/www.facebook.com\/lasoftians\/","article_published_time":"2018-05-22T10:49:10+00:00","article_modified_time":"2024-06-24T17:37:29+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg","type":"image\/jpeg"}],"author":"Andriy Tatchyn","twitter_card":"summary_large_image","twitter_creator":"@LaSoftAgency","twitter_site":"@LaSoftAgency","twitter_misc":{"Written by":"Andriy Tatchyn","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/#article","isPartOf":{"@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/"},"author":{"name":"Andriy Tatchyn","@id":"https:\/\/lasoft.org\/blog\/#\/schema\/person\/24c1a830a1ff109946f6bd239c5f1c99"},"headline":"What is general data protection regulation?","datePublished":"2018-05-22T10:49:10+00:00","dateModified":"2024-06-24T17:37:29+00:00","mainEntityOfPage":{"@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/"},"wordCount":966,"publisher":{"@id":"https:\/\/lasoft.org\/blog\/#organization"},"image":{"@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/#primaryimage"},"thumbnailUrl":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg","articleSection":["Corporate Governance","Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/","url":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/","name":"What is general data protection regulation?","isPartOf":{"@id":"https:\/\/lasoft.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/#primaryimage"},"image":{"@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/#primaryimage"},"thumbnailUrl":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg","datePublished":"2018-05-22T10:49:10+00:00","dateModified":"2024-06-24T17:37:29+00:00","description":"We go online to get information, but we also have to be ready to give our personal details. So does it mean that any service can use personal information of the user if he gets to interact with it? It has been so, but the changes are coming in the form of the General Data Protection Regulation (GDPR).","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/lasoft.org\/blog\/general-data-protection-regulation\/#primaryimage","url":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg","contentUrl":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2018\/05\/taylor-nicole-38837-unsplash.jpg","width":1024,"height":683,"caption":"general data protection regulation"},{"@type":"WebSite","@id":"https:\/\/lasoft.org\/blog\/#website","url":"https:\/\/lasoft.org\/blog\/","name":"Software Development Blog","description":"Insightful Analysis of IT Markets and Emerging Technologies","publisher":{"@id":"https:\/\/lasoft.org\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/lasoft.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/lasoft.org\/blog\/#organization","name":"LaSoft","url":"https:\/\/lasoft.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/lasoft.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2024\/06\/lasoft.jpg","contentUrl":"https:\/\/lasoft.org\/blog\/wp-content\/uploads\/2024\/06\/lasoft.jpg","width":1200,"height":628,"caption":"LaSoft"},"image":{"@id":"https:\/\/lasoft.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/lasoftians\/","https:\/\/x.com\/LaSoftAgency","https:\/\/www.instagram.com\/lasoftians\/","https:\/\/www.linkedin.com\/company\/la'soft-","https:\/\/www.youtube.com\/channel\/UCGiINdBnqPoBpK1WaCEZMHQ\/"]},{"@type":"Person","@id":"https:\/\/lasoft.org\/blog\/#\/schema\/person\/24c1a830a1ff109946f6bd239c5f1c99","name":"Andriy Tatchyn","description":"Andriy Tatchyn brings over 15 years of experience in the software development industry, with a strong background in consulting and leadership roles. He founded LaSoft in 2014 to leverage his extensive expertise in helping businesses use technology to solve complex problems and optimize operations. Andriy holds a Master of Science (MS) in Technology Management and has identified and analyzed over 500 technological business cases throughout his career. His passion for collaboration and building strong foundations enables him to guide businesses in Business Operations, Technology Strategy, and System Architecture. He upholds the fundamental values of integrity, hard work, trust, and respect, which are the bedrock of LaSoft and fuel their commitment to helping clients succeed.","sameAs":["https:\/\/www.linkedin.com\/in\/andriy-tatchyn-2144332a\/"],"url":"https:\/\/lasoft.org\/blog\/author\/andriy-tatchyn\/"}]}},"_links":{"self":[{"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/posts\/454","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/comments?post=454"}],"version-history":[{"count":13,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/posts\/454\/revisions"}],"predecessor-version":[{"id":1604,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/posts\/454\/revisions\/1604"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/media\/458"}],"wp:attachment":[{"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/media?parent=454"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/categories?post=454"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/tags?post=454"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/lasoft.org\/blog\/wp-json\/wp\/v2\/coauthors?post=454"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}