Evolution Of GDPR
Europe has always updated itself with the new privacy policies from time to time. In 1981, to protect the privacy rights of individuals a treaty known as Council of Europe Convention was signed by council of Europe which came into effect in 1985. Again in 1995, under the European Union Privacy and human rights law, Data protection Directive was introduced to protect the processing of the personal data of individuals.
From 2009, there were a lot of conferences and meetings held by European Union to discuss about the protection of data privacy of the individuals according to the modern era. After a lot of discussions and deliberations, GDPR was introduced which was finally drafted and adopted by European Union in the year of 2016. Coming into effect from May 25, 2018 GDPR will be replacing the Data protection Directive policy, 1995.
GDPR – An Overview
General Data Protection Regulation is introduced by the European Union to safeguard the privacy data of European citizens. In this digital age, many of the government organizations, private organizations, non-profit organizations etc. have access to our personal information without our consent and is being misused. With the GDPR coming in, there will be transparency and strengthening of the fundamental rights of individuals. Individuals will have the control related to the usage of their personal data.
GDPR is applied to all the citizens residing in European Union. It is also extended to the organizations overseas which operate in EU or have EU citizens as their customers. So, this means that all the major corporations need comply with the rules of GDPR. As GDPR is a regulation and not a Directive it should be implemented by all the 28 countries of European Union and also by the other countries which have EU citizens as their customers.
Because previously each country was having a different law related to data protection. But with this regulation, it is a single law practiced by all the countries European Union is going to save €2.3 billion every year related to administration burdens If any of the company doesn’t comply with GDPR, then they need to face a penalty of €20 million or 4% of the company worldwide turnover whichever is greater.
Impact On India
There is a lot of impact on India with the GDPR policy coming up. Europe is one of the major market place for Business process outsourcing, pharmaceutical companies, IT Industry etc. for India. India’s biggest outsourcing market is also the EU. So, for Indian companies to continue doing their business in Europe, they need to comply with GDPR policy. Indian data protection laws being GDPR compliant strengthens their stand in the outsourcing market. As GDPR has introduced cross border restrictions, India needs to be careful while it transfers any of the personal data outside European Union. Most of the Indian companies should try to see GDPR as an opportunity rather than taking it as a burden.
India in the recent years has improvised its technology to a great extent and it is still growing. Now, the Indian organizations have a chance to showcase their technology by providing good privacy policies which are compliant to GDPR. For many of the Indian data companies this will be a golden chance to review their information security, their policies which are confidential, data protection policies and make them compliant according to the global standards. This initiative will help the Indian companies to maintain a good business and match with global standards.
Is GDPR A Boon Or A Bane?
So, GDPR is one of the greatest initiatives that has been taken by the European Union in regard to data protection. Though it might be a burden for the companies to comply with GDPR policies (to begin with) but once they comply with the regulation will be sorted out. Under Information Technology Act, 2000 India doesn’t have strong data protection laws at present.
But once if the government starts working towards the IT act and start making the Indian data protection laws strong India will also be able to match the global standards of data protection laws. With this, Indian companies will be competitive again and can increase their market in European Union.