EU Data Rules: The global effects of GDPR

World
Europe

02:54

And the effects of the long-awaited data protection law on citizens and companies are already clearly visible. Any business, organization or authority, anywhere in the world, which holds data on EU citizens has to comply with the new law or face huge fines. From Brussels, CGTN's Jack Parrock explains the global effects of the GDPR.

JACK PARROCK BRUSSELS "For the last couple of weeks citizens across Europe have been receiving emails asking whether or not they want to remain on mailing lists, be contacted by companies again or have their data used in particular ways."

Literally, anyone who controls any kind of data about people within the European Union's 28 member countries is affected by this new legislation. So even if a Chinese firm had one employee somewhere in Croatia say, they have to comply. And fines for misuse could run into the billions of dollars with the limit set for penalties at 4 percent of annual global turnover.

Essentially the GDPR forces entities to make it simpler for people to know how their data is being used and forced the firms to get direct consent from citizens before they use their data in any away.

Data breaches have to be reported to authorities with 72 hours and citizens must be given the data an origination has on them within 30 days of requesting.

As far as Chinese firms go, probably the most affected is Alibaba which supports a vast network of e-commerce businesses including in Europe dealing with huge amounts of customer data.

If WeChat had a big presence here it would also have a significant amount of data which falls under the GDPR but because a significant majority of WeChat's users are outside of the EU.

The main headache of the GDPR, however, is for smaller firms who deal with less data and are complaining they are having to implement the 88-page piece of legislation in the same way without teams of in-house lawyers like many of the internet giants. But even bigger organizations fell foul in the immediate aftermath of the GDPR coming into force.

US news websites like the LA Times and the Chicago Tribune became unavailable in Europe for not complying. And as soon as the law came into force, a famous Austrian privacy lawyer used his NGO called none of your business dot EU to launch 4 legal challenges against Google, Facebook, WhatsApp, and Instagram.

The cases could justify up to 8.2 billion dollars in fines and says that these four digital firms have used the implementation of the GDPR to force consent from their users to hand over data or see their service reduced. Jack Parrock, CGTN, Brussels."