How will GDPR affect my online activities?

How will GDPR affect my online activities?

Tuesday, 15 May, 2018

By now, you’ve almost certainly heard people talking about GDPR.

The General Data Protection Regulation is a European Union policy designed to defend consumer data, and ensure personal details aren’t permanently stored in corporate databases.

And even though the UK probably won’t be in the EU for much longer, a forthcoming Data Protection Bill will replicate GDPR and ensure its regulations impact upon us in the future.

Indeed, in many respects, it’s already impacted on us.

You’ve probably received a number of emails recently from firms you’ve previously bought from or registered your details with, asking you to confirm you’re happy to hear from them.

For many people, this has been the most visible impact of GDPR to date.

But with the new EU-wide regulation coming into effect on Monday the 25th of May, you’re going to be hearing a lot more about this regulatory change in the coming weeks and months.

Why is additional regulation necessary?

The simple answer is because domestic and international laws haven’t kept pace with the seismic changes in society, particularly regarding the internet and social media.

In the UK, our legal system still relies heavily on the 1998 Data Protection Act, which was written in an age when Snake was seen as a cutting-edge mobile phone game.

The DPA couldn’t possibly have anticipated the advent of cloud computing, smartphone apps or social media.

And as the recent Cambridge Analytica scandal highlighted, a lack of regulation has enabled bad practice to flourish throughout digital media platforms and fledgling industries.

Consumers are increasingly (if belatedly) waking up to the realisation that information provided to companies is stored and used in ways they don’t know about – or understand.

And in many cases, there’s been little accountability when things went wrong.

Yahoo failed to declare data breaches in 2013 and 2014 that affected three billion accounts.

It only admitted what had happened in 2016, when press stories revealed personal data belonging to 200 million Yahoo customers was being marketed to criminals on the dark web.

With data concerns in the news again, a recent report suggested 82 per cent of European consumers plan to view, limit or erase information companies have retained about them.

How will it work in practice?

GDPR combines attempts to bolster data protection standards with a commitment to inform people about where, how and why their information is being retained.

It doesn’t change how we use the internet or which web browser we use, so it’ll be business as usual in terms of online gaming, ecommerce and social media.

Even so, those ‘important update’ emails you’ve been receiving recently are the tip of a legislative iceberg, which companies around the world are attempting to navigate past.

From May 25th, anyone responsible for ‘controlling’ or ‘processing’ data will have to abide by GDPR’s rules on lawful, transparent and specific use of personal data.

This could be anything from IP addresses to DNA, or from political opinions to ethnicity.

Opt-in policies for emails and marketing databases will have to be unambiguously worded, eliminating those endless boxes of small print above a luminous “I agree” button.

Jargon-free English will make it easier to see what you’re signing up for, and apathy won’t be taken as tacit approval any more.

What rights do I have as a consumer?

Anyone holding your information must honour any requests to reveal how much data they hold and what they’re doing with it – akin to a Freedom of Information request.

More significantly, you have the right to be forgotten unless there’s a strong case for your request being rejected (such as a legal requirement).

You can withdraw consent for your data to be stored at any time, and the company must delete any information they hold.

There will doubtlessly be protracted legal arguments about whether the public sector’s rights and obligations regarding personal data hold supremacy over GDPR, or vice versa.

It’s also safe to assume IT departments will be swamped with queries from the 25th onwards.

There will probably be delays as new systems are rolled out for identifying what information a particular business holds on file for each client.

What happens if something goes wrong?

Companies suffering a data breach have 72 hours to inform the UK’s Information Commissioner’s Office about what’s happened, and what’s being done in response.

Failure to respond within three days may trigger a €10 million fine, and failing to follow data processing rules could incur a penalty of €20 million (or four per cent of annual turnover).

That should prevent any more Yahoo scenarios in future, though it will also shine a harsh light on the many small-scale or low-level data breaches that weren’t previously publicised.

Neil Cumins author picture


Neil is an expert tech writer. He's written hundred's of Guides to all things broadband!

News What's the story?

Keep up with the latest developments in UK broadband.

TalkTalk offers exclusive £80 reward to new fibre customers

The huge bonus is available to anyone signing up for a 'Faster Fibre' bundle through

TalkTalk offers exclusive £80 reward to new fibre customers Read more

TikTok ‘gifts’ empty kids piggy banks

Children are most vulnerable to 'influencer' donation pleas

Read more

Netflix ruins 90’s cartoon, enrages internet

The streaming giant came in for criticism for 'straightwashing' Japanese cult classic anime.

Read more

Porn-block pushed back by clerical errors

Further delays to the child-protection measure, with the process mocked as an 'utter shambles'.

Read more

How to watch Wimbledon online for free

How to make sure you don't miss out on the action from your favourite sports stars.

Read more

Fast fines for ISPs could end the “Loyalty Penalty”

But could the proposed measures mean worse deals for those who shop around?

Fast fines for ISPs could end the “Loyalty Penalty” Read more

Boris Johnson mocks full-fibre roll-out plans

The likely next PM boasts plans to beat current targets by 8 years, but is it all just hot air?

Read more

Broadband and phone companies to put Fairness first

Telecoms providers commit to raising standards.

Read more

UK to get legal right to decent and affordable broadband

New legislation will ensure minimum speeds for every UK household.

Read more

GDPR – One year on

The landmark legislation gave people the ‘right to know’ when their data had been hacked.

Read more

Slow broadband is costing us £2.2bn extra a year

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Protecting your small business against cyber attacks

Protecting your small business against cyber attacks Read more

Could 5G end fixed-line home broadband?

Read more

How broadband availability varies across the UK

Read more

Which social media platforms should I be on?

Read more

Will you get online on holiday?

Stay connected during your get-away.

Read more

Make the most of your broadband overnight

Read more

The main causes of slow internet connections

Slow broadband can be more than just an irritant - but what causes it, and what can we do to fight back?

The main causes of slow internet connections Read more

Do you need to ramp up your broadband controls?

Read more

The different types of home computer

Read more

Will we all need gigabit broadband one day?

Read more

Explaining broadband industry jargon

Read more
Back To Top