The General Data Protection Regulation goes into effect in Europe on May 25. That means that companies that collect your personal data must ask you if they can use, keep or share it. They can’t include disclosures in lengthy disclaimers either.
Rayna Stamboliyska, a data protection specialist based in Paris, says that under the new rules, the Internet is a place where no means no. She compares digital consent to sexual consent. She explains, “Before you even put your cookie on my computer, or in my mobile device, you have to make sure I consent to being followed.”
Companies that violate the new rules may be fined up to four percent of their global annual revenue or 20 million euros (about $25 million), whichever is higher. NPR reports that Facebook plans “to make all the same controls and settings available everywhere, not just in Europe.” Microsoft and Google have also indicated they are also extending Europe’s privacy rights to users around the world. Read more about it at NPR.