According to the dictionary, it is not necessary to go to the RAE, privacy is "the most interior or deepest part of a person's life, which includes their feelings, family life and friendship relationships." I have decided to include this definition because it seems that for some time now, rather since Facebook and Google collect our data at will, we have forgotten what the definition is.
The new General Data Protection Regulation (GDPR) came into effect two years ago. Since that date, companies have had plenty of time to adapt to the new regulations that apply at the European level from today May 25, hence we do not stop receiving emails asking us to Let's review the new terms of service if we want to continue making use of them.
The origin of this new regulation
Most, if not all, tech companies are in the United States, where the word privacy seems to disappeared from the dictionary a few years ago. However, in the European Union, which seems to have a crusade against technology companies (which coincidentally are mostly American) has always attached great importance to this term.
This new regulation is born at the request, in part, of technology companies, since each country where it offers its services has different regulations. With the new GDPR, all companies that provide service in the European Union must be based on that regulation if they do not want to receive heavy financial penalties.
This does not mean that every country cannot create your attachments to this new regulation, an annex that can only complement or specify in more detail, the new regulation, never contradict it or cancel its operation.
What is the GDPR?
The first European directives on data protection in electronic communications date back to the mid-90s, when the digital age in which we have become began to take off. An update of the terms was needed to restrict the use and access to data that companies can collect from users.
As the years have passed, these regulations, which were not grouped, have been becoming obsolete, which has allowed many companies to do what they wanted with our data, leaving ethics in the background to obtain a greater benefit.
The GDPR was born so that users have greater control over personal data offered or collected by companies, so that in this way, we can not only access them quickly and easily, but also be able to delete them whenever they want (right to be forgotten) and thus prevent them from continuing to disseminate our data.
In addition, this new law also benefits companies, since it allows them to offer their services in a environment of greater transparency and thus be able to recover part of the mistrust they have earned in recent years.
This new regulation affects both companies and institutions equally that collect and make use of personal data of citizens of the European Union, so that any company that wants to provide service in European territory, has no choice but to comply with the GDPR. Some companies and applications have been forced to announce that they will stop providing services in the European Union, stating that they cannot adapt to it (without specifying the reasons).
Penalties for not complying with the new GDPR
With this new regulation, the penalties for violating the GDPR can reach the € 20 million or 4% of the company's annual revenue volume. But they are not the only ones, since depending on the severity of the infraction, penalties of 2% of the annual gross income can be applied.
The problem is that these fines they are small change for large companies Like Facebook, for example, who make a lot more money trading our data than trying to comply with these terms. To get an idea of how important the GDPR is for Internet companies, we only have to see how in the United States, and therefore the rest of the country where Mark Zuckerberg's company provides service with Facebook, the company does not have thinking of changing the terms of service for ones equal to those of the European Union.
How does the GDPR affect me?
The new regulation gives us digital rights, something that until now we did not have. These rights allow us to know at all times what companies do with our data. All the data that the company collects or already has about us, are ours, not theirs, so we can delete them whenever we want or need to do so.
All under 16 years have a serious problem with this regulation, since at no time can they consent to the processing of their data unilaterally, but will have to do so with the supervision of their parents or guardians.
Another novelty of this new regulation is that we will finally be able to read the conditions of the service without having to click on a thousand links (as Facebook did) in addition to not understanding half of the conditions of it. The terms of service must displayed in an intelligible and easily accessible way.
A section especially draws the attention of this regulation, we find it in the portability: the right of a data subject to receive personal data concerning him, which he has previously provided in a "commonly used and machine-readable format" and who has the right to transmit such data to another control.