Are You Treating Non-EU Customers Like Second Class Citizens or is it #GDPRforAll?


Ready or not, it’s finally arrived. From this day forward organizations that collect personal data on European citizens must comply with the long-anticipated General Data Protection Regulation.

In the days leading up to 25 May 2018, email inboxes were bombarded with updated privacy policies from every business you’ve ever interacted with, websites exploded with pop-ups asking for permission to use cookies and collect data about you, and members of compliance committees at companies around the world double- and triple-checked their GDPR project plan spreadsheets.

It’s been interesting to watch the different approaches taken by companies collecting and protecting the personal data of EU citizens versus non-EU citizens. Some companies, like Microsoft, have promised to give users worldwide the same data and privacy rights Europeans will get under GDPR. Microsoft’s customers, no matter where they live, will be able to see what information the company collects about them and correct or delete it if necessary. They will also be able to object to the use of data for marketing and other purposes.

This stands in contrast to other firms, such as Facebook, that have been vague about applying GDPR provisions to non-Europeans, including the provision that lets Europeans object to ...

*** This is a Security Bloggers Network syndicated blog from Blog – Protegrity authored by Suni Munshani.