As the days grow ever shorter, the flip flops and sunglasses get retired and pumpkin spiced everything hits our menus, the impending GDPR rolls ever closer.
In just over 6 months (25th May 2018), the General Data Protection Regulation comes into full effect, leaving media brands a rather short amount of time to make the necessary changes to the way in which they operate and manage risk to ensure they fully abide by the new law.
The existing directive, written in 1995, when print was still in its pomp and ‘the cloud’ merely referred to inclement weather is no longer fit for purpose in the digital era.
For media brands, the GDPR will modernize the law, to tackle the rise of social networks and cloud-based tech, as well as harmonizing it with all 28 EU member states. And that’s not just those media brands domiciled in EU states, or a post-Brexit Britain, but any media brand that circulates or broadcasts in the EU.
Meaning the storage, use and disclosure of personal data is enshrined in cross country law. No more directives, watertight legislation.
The Scoop For Media Brands
Data, the collection, interpretation, and use are the meat and drink for media brands. Boosting readerships, fine-tuning content and shaping future campaigns. And the GDPR will not end this, but simply regulate the process effectively.
It will hand greater control of personal data back into the hands of the reader. Allowing them a number of enhanced rights including access to their personal data, the ability to withdraw it and the right to be forgotten. A little bit of a headache for media brands.
It also strengthens the requirements around gathering data with greater emphasis on when you can collect and process personal data, how you secure it, and that you’re getting all the t’s & c’s checked to gather it in the first place.
And hold the front page, because non-compliance penalties are unlikely to lead to a slap on the wrist. The new penalties could lead to fines of up to €20m or 4% of a media brand’s global annual turnover – whichever is larger.
Read All About It: The Key Changes
- The GPDR will be applied across all 28 member states including UK.
- It uses an enforcement regime, as opposed to self-regulation and education.
- Large fines for non-compliance, up to €20 million or 4% annual income (whichever is larger).
- Stricter rules around gaining consent for data collection, data usage and marketing.
- Individual right to access personal data, correct it and withdraw it.
- Individual right to claim compensation.
- Compensation claims will be made easier and simpler for consumers.
Source:: Business 2 Community