Data Protection Regulations in Action

Let me be the owner of my Data

It’s the start of the year 2020, and day by day we are getting deeply involved with the data and it’s processing, manipulation, analysis and security. In our everyday life we are getting surrounded by applications and tools that are becoming vital for our daily use, with such immense usage of such platforms, applications and data processors there is a always an alarm in everybody’s mind that how their personal data is being collected and used? how it is being manipulated ? Are they selling our personal data to third parties for any purposes ? Is our personal data safe in their hands ? and many more. All such questions arises in the mind of every single user everyday.

GDPR to the rescue.

Back in 2018, To address all these issues and questions and to provide a user some control over his personal data. A law came into implementation in May 2018 termed as GDPR (General Data Protection Regulation). It is a set of regulations and laws implemented along with other European laws for ensuring the protection and privacy of the data of every individual citizen of the European Union and the European Economic Area. Moreover it also addresses the transfer of personal data outside the EU and EEA region.

GDPR consists of rules and regulations that allows a user to have control over their data stored in various locations by various vendors. In short these controls were well defined and are providing the user the right to Access, Update, Remove, Rectify and Backup their data present at various storage servers. All the vendors or companies also have to declare that for what motives and purposes they are using the user’s data or they are not selling any user data to any third party vendors or processors. All the data whether personal or not that is being collected by the companies are safe or not. All the data subject requests must be fulfilled by the companies in order to comply with the GDPR policy and become a GDPR compliant service provider.

After May 2018, When GDPR came into action, Many of the organizations were fined for not fulfilling the requirements as described or bounded by the GDPR. There are many stories revolving around which clearly depicts that many huge organizations were fined up till now for some certain reasons. Penalties and fines that are to be imposed under the GDPR is up to 4% of annual global turnover or €20 million, which is obviously a very massive amount.

CCPA in Action

As the year 2020 has been started. I have started receiving emails on daily basis from multiple organizations and service providers subjected as “Updates to our privacy policy”. As from the beginning of 2020, another data protection regulation named as CCPA (Californian Consumer Privacy Act) came into action for the specific US region i.e California. Which has somehow the same motive as the GDPR has. The CCPA has became effective from January 1, 2020. The basic theme and aim is to provide every single user the independence, control and freedom over his/her personal data that is being given or captured by the service providers and different vendors in different forms. All eyes are now on the actions that all the companies are taking for becoming a compliant under CCPA and to follow all the rules set and framework defined under the CCPA regulations.

Moreover if we have a look at the fines and penalties, It can be up to $7,500 for every intentional violation and $2,500 for each unintentional violation.

In a Nutshell

In a nutshell these data protection regulations are providing every single user control over their data, which is also the right of every single user using any of the application or services. On the other hand these laws and regulations are also binding companies and service providers to follow a proper and strict set of rules in order to fulfill all the data subject requests coming towards them. Data is the most important asset to have, he who has it and has the control over it can do wonders.

Python, DevOps, Cryptography, Infra-Structure, Automation.

Python, DevOps, Cryptography, Infra-Structure, Automation.