The European Union enacted the “General Data Protection Regulation” (GDPR), which set forth new regulations for commercial companies and organizations to handle online user data. However, this major update of the data protection law may have a significant impact on a global scale.
Also read: What You Have to Know about GPDR
But what does GDRP mean for businesses outside Europe. This is a question asked by many companies. If you are not in Europe, should you care about GDPR?
In the GDPR overview, Article 3 deals with territorial scope(GPDR key change). It explains how the GDPR requirements not only apply to companies and organizations located in Europe – it is a given one, but also includes companies outside of the jurisdiction that may be applicable too as well. In short, the GDRP does not only apply to companies in the EU but also to companies outside of the EU that store, process or share personal data of EU citizens. It also applies to companies who either provide goods or services to EU citizens. All companies belonging to these categories must meet all GDPR requirements. This is why it is very important – even for non-EU companies – to understand and prepare for it.
The Internet doesn’t really have geographical boundaries. It creates a borderless world where data can travel across borders without passports or visas. Therefore, new laws in Europe have led business organizations around the world to step up reforms.
Some companies which were unprepared for new regulations even choose to suspend their services or application functions to avoid potential legal disputes in European countries. It includes Yeelight, a maker of smart devices under the Xiaomi Group ecosystem. Yeelight has sent a message to users that its light bulb may not work properly due to GDPR related issues. “According to GDPR, we will not be able to continue providing this service to you.” the message said.
As to famous platforms such as Tencent and Alibaba, they must be prepared for the new rules to avoid any disputes caused by data issues. Tencent’s QQ sent a notice to international users and announced that it would stop providing services to European users from May 20. Alibaba Cloud relevant staffs said that they had made improvements in terms of platforms, systems, products, services, compliance, processes, and policies.
Some global internet giants such as Facebook, Google and Apple, they have been busy preparing to comply with new EU regulations. For example, WhatsApp, which is part of the Facebook Group, in its latest updated version, added a new “Request Account Information” item in the setting part of the APP. Users can press the request button to let WhatsApp create the user’s account information and settings report. The report will be available for download within three days.
Doing business in the global market means that GDPR can’t be ignored. Now it is the time to make sure your company is prepared for it. Otherwise you will pay a high price. European data regulators can impose a penalty of up to 4% of global annual sales, whenever a company violates the new GDPR law. For tech giants like Facebook, there is a lot of risks because violations can mean billions of dollars.