GDPR General Data Protection Regulations
Mandatory since May 25, 2018
GDPR: What is changing regarding personal data
More and more people are concerned about the protection of personal data. The European Union is taking a close interest in it and has set up a regulation which has applied since May 25, 2018. The purpose of this regulation is to regulate the collection and processing of these. A brief overview of what is changing regarding personal data.
GDPR, for what purpose?
The GDPR (General Data Protection Regulation) was voted in April 2016 for application on May 25, 2018.
Through this regulation the European Union wants to allow citizens to have more rights over their data personal.
In addition to protecting citizens' data, the intention of this text is to harmonize the regularization of data protection within the European Union. This text is a regulation and applies, by definition, in the same way to all EU member countries.
What is personal data?
Data is raw information: an address, a telephone number, a name, a first name, a family situation, musical tastes, political orientation, etc.
It is considered personal from the moment it identifies a person. It is through the first and last name that a person can be identified. When data is attached to a person it becomes personal. Otherwise they are considered "anonymous" and are therefore not affected by this regulation. There are also “sensitive” data which, on the other hand, are all the more concerned by this regulation: Data concerning someone's state of health, their ethnic origin, their political, union or religious orientation, their data biometric (fingerprints, iris, facial…).
What is changing for citizens?
New rights are granted to individuals regarding the protection of their data.
First, the citizen can ask to know all the data that a company has on him. Once this data has been recovered, he can ask to rectify data concerning him if it is false or inaccurate. He now has the right to digital oblivion, he can ask a company to erase all the information it has about him. It is also possible for the citizen to ask a platform (social network, internet service provider, streaming site, etc.) to transfer all the data concerning him to another platform.
New rights for citizens showing the will of this regulation to strengthen a person's power over their personal data.
What is changing for businesses?
Citizens were granted new rights, in return, the responsibility of organizations was strengthened
For each new contact, the company must collect consent of the person before they can collect their data. It must then be able to prove that the person has consented. The company must also be transparent as to use that she will do with this data. It must therefore explain to the person, at the time of their consent, the purpose of this collection. This also concerns the sending of emailing or newsletter. The company is obliged to give the customer the possibility of being able to easily unsubscribe from the mailing list.
The CNIL wants to help companies, especially SMEs and VSEs, to make this transition. In this regard, a 6-step guide is online to facilitate the transition.
And the Measurement Network in all of this?
With its experience and the organization of exhibitions such as MSE2018, the measurement network is concerned and active on the subject. Indeed, the Measurement Network organizes meetings (example here) and an shared action to help its members in this essential process.
When we know that the Measurement Network has more than 135 member companies, the application of such regulations concerns it directly and allows us to benefit from its experience.
The Measurement Network is not limited to these actions and offers many others. Join the different working groups
And the rest?
Through this new regulation, the EU wants to make multinationals react first, which today have great freedom regarding our data. It remains to be seen how this will unfold for the rest of the world.