What is the GDPR?

GDPR stands for the General Data Protection Regulation.

It’s the latest development in European privacy standards that went into effect on May 25th, 2018.   It tightens Europe’s already strict laws on what companies can do with your private information.  You may have received updated Privacy Policy emails in your inbox recently or heard of it in the news or on the web.  While it is a European legislation it has a big effect on businesses outside the European Union (EU) including the US and Canada.

How does the GDPR effect Canadians?

GDPR has rewritten how data sharing works on the Internet and set new rules for how companies can treat user data, with a particular eye towards Technology companies.  Companies are rewriting their policies even for residents that are not part of the EU. The major difference is that in the GDPR provisions around consent are stricter than in previous regulations which requires companies to ask for permission more often. In layman’s terms, this means setting up a lot more “click to proceed” boxes and making it more explicit that you are asking for their consent before collecting information. The GDPR was written to tackle issues around data collection as the previous laws were written when there were not means of obtaining massive amounts of sensitive information from devices such as smartphones and IoT devices.

What are the key changes?

The most important change is how companies share data behind the scenes.  Right now visiting a single website might feed data to dozens of different companies for analytics, logins, advertising, etc.   The GDPR means any company that gets that information second hand will have to explain why they need it and what they’re doing with it.  Data will no longer be shared to just anyone. If a big company is found in violation of the GDPR they can be fined up to 4% of their general global revenue.

Before you get too worried, keep in mind it is thought there will likely be a grace period while most companies are getting set up.  As far as your website goes there are certain steps that can be taken to ensure you are in compliance. If you have any further questions or need assistance you can send us an email.