In this video, Kalinda Raina explains the basic principles of the EU General Data Protection Regulation (GDPR). Learn about the history of this regulation, and how it relate to enterprise data transactions.
- GDPR, it stands for the General Data Protection Regulation and it is the most comprehensive data privacy law ever passed. It was designed to strengthen and unify data protection for all individuals within the European Union. While it's a European data privacy law, its impact will be felt all over the world. Anyone involved in processing personal data about individuals in the EU must comply, whether or not they're located in the EU, the U.S., or anywhere else in the world. The fines for companies that fail to comply can range from 2% to 4% of global annual revenue.
Just think about that. For many companies, these fines could reach into the billions. This broad scope and the potential for immense fines are why the GDPR, unlike privacy laws of the past, is getting so much attention from global corporations. While taking appropriate measure to comply with this new law may seem expensive, it's likely money well spent as its impact will continue to be felt for several years, if not decades to come. The GDPR is not an entirely new law.
It was preceded by the EU Data Protection Directive, which was passed in 1995 and remained in effect from 1998 until May of 2018. After four years of debate, the EU passed the GDPR in 2016 which expanded the number of data protection obligations required of companies and strengthened rights, many of which already existed under the Data Protection Directive. This new law will go into effect on May 25, 2018, and is designed to cover existing technology, as well as technologies that may not have even been invented yet.
With GDPR, protecting and honoring data subject rights is more than just a noble cause. Data protection is now directly tied to a company's bottom line. As a result, data privacy is becoming an area of increased interest and scrutiny for users, the C-Suite, and the Boardroom. GDPR and data protection are something every employee needs to have a working knowledge of.
DISCLAIMER: Neither LinkedIn nor the instructor represents you, and they are not giving legal advice. The information conveyed through this course is not intended to give legal advice, but instead to communicate information to help viewers understand the basics of the topic presented. Certain concepts may not apply in all countries. The views (and legal interpretations) presented in this course do not necessarily represent the views of LinkedIn or Lynda.com.
- Define GDPR.
- Explain key concepts and requirements of GDPR.
- Describe privacy by design.
- List data subject rights.