The EU GDPR Explained
Techquickie
·Techquickie
·2019-05-06
·
967 words · ~4 min read
0:00
Thanks for watching Techquickie.
0:01
Click the subscribe button, then enable notifications with the bell icon, so you won't miss any
0:05
future videos.
0:07
So do you feel like whenever you type personal information into a webpage, it probably ends
0:12
up in the hands of an executive with dollar signs in his eyes holding court at a mad tea
0:16
party of advertisers and people with agendas?
0:20
Well, sadly, that's less of a paranoid delusion than I'd like, and it's exactly the kind
0:26
of thing that the European Union's new General Data Protection Regulation is trying to stop.
0:32
And because it was implemented so recently, plenty of large tech firms have been scrambling
0:36
to make sure they don't get caught on the wrong side of the law.
0:40
But what exactly does the law do?
0:42
So the basic idea is that any organization or business that either operates in the EU
0:46
or handles data relating to people in the EU has a few responsibilities.
0:51
Meaning that even a business here in Canada like Linus Media Group could find itself in
0:54
hot water with the European authority.
0:56
If I did something like, let's say, sell your email address to a company that makes explosive
1:00
discount power supplies.
1:02
But I wouldn't do anything like that to you guys.
1:04
Wait a minute.
1:07
But that doesn't mean your data can't be sold.
1:09
One of the biggest linchpins of the GDPR is consent.
1:13
If you're in the EU, you have a right to be informed about what type of data is being
1:17
collected and why it's being collected before you hit OK.
1:21
And this pertains to lots of different types of data.
1:23
A single photo, a comment you made on a public social media post.
1:27
And even your name are covered.
1:28
GDPR requires companies to specifically lay out each piece of data they're collecting
1:33
from you for your consent to be valid.
1:35
After you've given your consent and the zuck or whoever else gets their mitts on your sweet
1:39
sweet personal information, there are some more rules concerning how they have to store
1:42
it.
1:43
Specifically, it has to be protected in some way.
1:46
Whether it's through encryption or by keeping the data separate from other data that could
1:49
be used together to identify an individual person.
1:52
So for example, a national ID number should be sequestered from other information.
1:56
That could enable an attacker to work out who it belongs to.
2:01
And if an attacker does breach a database, or if someone was just careless with a USB
2:05
stick, the organization has to inform a data protection authority within three days of
2:10
when it found out.
2:12
And they'd also be on the hook to notify you, yes you Otto Schmidt from Berlin, in the case
2:16
of a really serious breach.
2:18
But if a mere notification isn't enough for you and you just want the data off their servers,
2:23
the GDPR also obligates companies to give you access to it.
2:26
So you can either do it on demand, or to delete your data upon request.
2:30
Partly stemming the tide of the internet is forever, with a right to be forgotten.
2:35
Though bear in mind that if one of your terrible hot takes gets retweeted a million times, there's
2:39
nothing you can do to force private internet users to delete their screencaps.
2:43
But back to businesses.
2:45
Why would they comply with this?
2:46
Well, as it turns out, there are serious consequences for businesses that don't handle your data
2:51
with respect.
2:52
For willful violations or for repeat offenders, the fines can be as high as 4% per year.
2:55
And that's a lot of money.
2:56
That's a lot of money.
2:56
And that may not sound like much, but for large enterprises like Google, that could
3:02
amount to billions, yes, billions of dollars.
3:06
So this sounds pretty good if you're an EU resident.
3:08
But what if you live in the US, Japan, or Guinea-Bissau?
3:12
Well, some tech firms like Facebook and Microsoft are implementing GDPR-compliant features worldwide,
3:18
giving users outside the EU the same level of access and control.
3:22
But don't imagine this is out of the goodness of their hearts.
3:25
In reality, it probably has more to do with the fact that they don't have access to data
3:26
protection.
3:27
It probably has more to do with it being more streamlined and having different policies
3:29
for different locations.
3:30
And it's also not a great look from a public relations perspective to give users in certain
3:34
places less robust data protection just because they can.
3:38
So that's a great step towards a more global internet because I, for one, have had just
3:42
about enough of geo-blocking anyway.
3:45
Are you interested in computer science?
3:47
Well then check out Brilliant, a problem-solving website that teaches you to think like a computer
3:51
scientist.
3:52
Instead of just passively listening to lectures, you get to master concepts by solving fun,
3:56
and challenging problems.
3:57
And Brilliant provides the tools and framework you need to tackle those challenges.
4:01
Brilliant's thought-provoking content based around breaking up complexities into bite-sized
4:05
understandable chunks will lead you from curiosity to mastery.
4:08
And you'll be in the company of over five and a half million members who share your
4:12
curiosity and love for math and science.
4:14
So what are you waiting for?
4:16
You can support Techquickie and learn more about Brilliant by clicking the link in the
4:19
video description or by going to brilliant.org slash LinusTechTips and signing up for free.
4:23
The first 200 people to go to the link will get 20% off at the end of the day.
4:25
Thanks for watching.
4:26
I'll see you next time.