pe3check - stock.adobe.com
The European Union’s (EU’s) General Data Protection Regulation (GDPR) is forcing organisations worldwide to reorganise to protect EU citizens’ data, which will benefit all consumers, says the US-based Consumer Action group.
As consumers do and store more online, the threat of data breaches and privacy lapses is ever present, but according to the group, US citizens’ privacy rights are not well protected.
US consumer rights are dictated by a “spotty patchwork” of federal and state laws, which are inadequate to ensure that consumers are protected and have a say as to what’s done with their personal information, Consumer Action said.
According to Consumer Action, US consumers rely on state and federal laws that offer limited protection. While there are specific rules or laws about credit-related data, under the Fair Credit Reporting Act (FCRA), some medical data under the Health Insurance Portability and Accountability Act (Hipaa), and children’s data under the Children’s Online Privacy Protection Act (Coppa), these limited protections focus primarily on notice and individual or parental consent the consumer group said.
However, from 25 May 2018, all companies that handle the personal data of EU citizens will have to comply with the GDPR or face significant fines, regardless of where the companies are based.
The GDPR is aimed at giving consumers the right to know, limit, delete and correct information about themselves. The regulations will provide consumers with better access to the personal information collected about them and improve corporate accountability for data handling.
Consumer Action believes US and other consumers will benefit indirectly because it is unlikely that global corporations will create country-specific systems for data protection, retention, correction and deletion. This means all consumers will benefit from improved personal data protection processes.
“As global firms adapt to the EU’s data protection law, we’re hopeful that all consumers will benefit from stricter data security and gain a reasonable measure of control over their personal information that so many others prosper from the EU’s strong regulation,” said Linda Sherry, director of national priorities at Consumer Action.
According Consumer Action, the GDPR is forcing companies to reconsider the data they collect and retain, with many conducting “data hygiene” exercises to clean up their data collection and retention practices ahead of the GDPR compliance deadline.
The UK’s Information Commissioner’s Office, which will be responsible for enforcing the GDPR in the UK, has pointed out that compliance with the regulation makes good business sense.
Information commissioner Elizabeth Denham believes the new rules will bring better engagement with customers, enabling marketers to be better able to direct more targeted marketing to them.
“You will have complete confidence that your customers have given informed consent,” she told the Direct Marketing Association (DMA) Data Protection 2018 event in London.