EU spam rules enforced
As almost anyone with an inox will know by now – new European privacy regulations have come into effect.
European companies have been contacting their entire mailing lists to ask for consent to keep processing users’ data.
The European Union General Data Protection Regulation (GDPR) replaces a former patchwork of rules and includes new laws that could see fines of up to four per cent of global revenue if they are breached.
The GDPR strengthens individual rights for people to have data erased or to ask a company for a copy of personal data.
It has some entirely new mandates too, such as creating a new right to transfer data from one service provider to another or to restrict companies from using personal data.
The implementation of GDPR means that most European domain data in WHOIS - a database of names, addresses and email addresses of those who register domain names - will no longer be published publicly after 25 May.
“It's a gradual and not a revolutionary kind of thing ... However for many companies it was a huge wakeup call because they never did their homework. They never took the data protection directive seriously,” said Patrick Van Eecke, partner at law firm DLA Piper.
Some privacy advocates say the new laws should be used as a model for personal data protection in the global internet era.
But critics say the new regime places an unbearable burden on small businesses in particular, and may make it harder for some companies to find customers.
Legal cases are already brewing for internet platforms whose model relies on processing people's personal information.