Data protection laws are always being updated with more legislation being passed around them fairly often. They’re always being updated as technology is always developing further and being used for more things, meaning there need to be more laws regulating this. As technology evolved and became more important in society, people began inputting much more of their personal data into websites meaning that the companies behind these websites were given more responsibilities to ensure that their customers’ data is being protected. Some of the things that are protected under these laws include personal details of customers like their address but also things like employee records and any data collection. This data needs to be protected as if it’s not that it’s vulnerable to being used for phishing, fraud, or identity theft. If you own a business, it’s important that you don’t underestimate the importance of these laws and instead, you make sure that you’re not breaching any of them. There have been many high-profile data scandals from Enron to Cambridge Analytica, the one thing in common is that the punishment for breaching these laws is harsh. It ranges from heavy fines up to $500,000 which would destroy your business or could even land you in prison. Like any change in the external environment, these new laws are affecting many businesses, keep reading to find out how.
What are data protection laws?
Like other laws, the Data Protection Act is a whole set of rules and regulations in regard to how to store and use data. This act is vital for ensuring protection for customers and clients and it helps people to feel safe on the internet. Some of the main principles that make up this act include making sure businesses only use data in the way that they specifically stated that they would, don’t keep the data stored on their servers for longer than is necessary, keep data safe from third parties, and only use it within confines of the law. In addition to this, as children are much more vulnerable than adults there are additional rules in place called The Children’s Code. This is one of the newer laws around data protection, it’s used in relation to apps and online games that children are likely to access. 01
What is GDPR?
GDPR stands for general data protection regulations and you need to be aware of these if you own or run a business. GDPR gives individuals 8 basic rights including the right to access any personal data a business may have saved from them, the right to be forgotten, for example, if they withdraw their consent, and the right to be informed and to object. This means that if any data is gathered on them, they must be told and given the option of whether to accept or object to this.
How are these laws affect businesses?
Businesses have had to make any changes to ensure that they’re not breaching any data protection laws. One thing that used to be a common business technique is that businesses would use something called annuity leads. This is when businesses would buy a list of specific people i.e. they might buy a list of people who earn over $200,000 and try to set up sales appointments with these people to get them to invest in their business. Usually, a business will buy several lists and once they’ve made all the sales they can from the lists they’ve bought they’ll buy more so they can keep setting up sales appointments. With these new data protection laws, it is much more difficult for people to buy annuity leads as it’s part of the data protection act that you can’t sell on people’s personal data.
Examples of breaches to the Data Protection Act
As previously mentioned, the Cambridge Analytica scandal was the biggest data breach of all time as they obtained information from over 87 million Facebook profiles. They were found guilty in court and given a heavy fine. Other companies that are suffering fines from data breaches include British Airways who were fined $200,000 and Marriott International are going to be fined around $99 million, so if you have a business this should highlight how important it is to not breach the data regulations.