{"id":523,"date":"2018-04-21T21:21:24","date_gmt":"2018-04-22T01:21:24","guid":{"rendered":"https:\/\/www.amp.legal\/blog\/?p=523"},"modified":"2018-04-21T21:48:57","modified_gmt":"2018-04-22T01:48:57","slug":"gdpr-strengthens-eu-data-privacy","status":"publish","type":"post","link":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/","title":{"rendered":"GDPR Strengthens EU Data Privacy"},"content":{"rendered":"<p>On May 25, 2018, the General Data Protection Regulation (GDPR) will take effect in the European Union. The GDPR requires companies to get permission from customers before sharing their data. A company that does not comply with the GDPR could face a penalty of up to 4% of its global revenue.<\/p>\n<p>The GDPR outlines several <a href=\"https:\/\/www.eugdpr.org\/key-changes.html\" target=\"_blank\" rel=\"noopener noreferrer\">rights of consumers<\/a>. Under the GDPR, companies must clearly get consent from customers before sharing their personal information. Also, if a data breach occurs, customer notification is mandatory within 72 hours of learning about the breach. Additionally, the GDPR includes the right of data erasure, which is the right to be forgotten under certain conditions.<\/p>\n<h3><img decoding=\"async\" loading=\"lazy\" class=\"size-medium wp-image-529 alignleft\" style=\"float: left; padding-right: 1em;\" src=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-300x175.jpg\" alt=\"\" width=\"300\" height=\"175\" srcset=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-300x175.jpg 300w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-768x448.jpg 768w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-700x408.jpg 700w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-520x303.jpg 520w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-360x210.jpg 360w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-250x146.jpg 250w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key-100x58.jpg 100w, https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/optin-key.jpg 900w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>GDPR Opt-In Requirement<\/h3>\n<p>Under the GDPR, users must give explicit consent to allow the sharing of their data. To comply, a company must place the consent to \u201copt-in\u201d in a separate place from the terms of service. Any boxes on a signup form cannot be pre-checked to opt-in. Also, users must be able to easily withdraw any consent to share their information.<\/p>\n<p>Good business practices will keep a company in <a href=\"https:\/\/www.hallaminternet.com\/how-to-make-your-website-gdpr-compliant\/\" target=\"_blank\" rel=\"noopener noreferrer\">compliance with the GDPR<\/a>. For example, when a user signs up for a mailing list, a company should verify the user. By implementing a \u201cdouble opt-in\u201d feature, a user receives an email with a verification link. This method also prevents unwanted web bots from clogging up a company\u2019s database.<\/p>\n<h3>U.S. Data Privacy Regulation<\/h3>\n<p>The Federal Trade Commission (FTC) is the primary U.S. agency that <a href=\"https:\/\/www.ftc.gov\/news-events\/media-resources\/protecting-consumer-privacy\/enforcing-privacy-promises\" target=\"_blank\" rel=\"noopener noreferrer\">enforces privacy policies<\/a>. As its mission, the FTC makes sure that companies keep their privacy promises and investigates companies that misuse consumer data.<\/p>\n<p>The GDPR is influencing congressional lawmakers to push for a federal data privacy law. Several bills are currently on the table, which include:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.congress.gov\/bill\/115th-congress\/senate-bill\/964\" target=\"_blank\" rel=\"noopener noreferrer\">MY DATA Act<\/a> \u2013 expands the authority of the FTC<\/li>\n<li><a href=\"https:\/\/www.congress.gov\/bill\/115th-congress\/house-bill\/2520\" target=\"_blank\" rel=\"noopener noreferrer\">BROWSER Act<\/a> \u2013 requires permission from users to collect sensitive data<\/li>\n<li><a href=\"https:\/\/www.congress.gov\/bill\/115th-congress\/senate-bill\/2639\" target=\"_blank\" rel=\"noopener noreferrer\">CONSENT Act<\/a> \u2013 requires edge providers to\u00a0obtain\u00a0an opt-in consent to use data<\/li>\n<\/ul>\n<p>In the aftermath of the <a href=\"https:\/\/www.amp.legal\/blog\/facebook-users-allege-privacy-breach\/\">Facebook privacy breach<\/a>, the passage of a federal privacy bill is possible in the near future. Meanwhile, some state lawmakers may take their own initiative to pass a state privacy law. Currently, <a href=\"http:\/\/www.ncsl.org\/research\/telecommunications-and-information-technology\/state-laws-related-to-internet-privacy.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">less than half of the states<\/a> have a law that regulates privacy policies. In comparison, federal lawmakers have failed to pass a federal data breach notification law. As a result, the lack of a federal law caused all the states to pursue their own <a href=\"https:\/\/www.amp.legal\/data-breach-law-tool\/\">state data breach laws<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On May 25, 2018, the General Data Protection Regulation (GDPR) will take effect in the European Union. The GDPR requires companies to get permission from customers before sharing their data. A company that does not [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":524,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[78],"tags":[31,82,12,9],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GDPR Strengthens EU Data Privacy - Cyber Law Blog<\/title>\n<meta name=\"description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GDPR Strengthens EU Data Privacy - Cyber Law Blog\" \/>\n<meta property=\"og:description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Law Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-04-22T01:21:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-04-22T01:48:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/keylock.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\"},\"author\":{\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\"},\"headline\":\"GDPR Strengthens EU Data Privacy\",\"datePublished\":\"2018-04-22T01:21:24+00:00\",\"dateModified\":\"2018-04-22T01:48:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\"},\"wordCount\":411,\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"keywords\":[\"business\",\"GDPR\",\"privacy policy\",\"state breach laws\"],\"articleSection\":[\"Data Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\",\"name\":\"GDPR Strengthens EU Data Privacy - Cyber Law Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\"},\"datePublished\":\"2018-04-22T01:21:24+00:00\",\"dateModified\":\"2018-04-22T01:48:57+00:00\",\"description\":\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.amp.legal\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR Strengthens EU Data Privacy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"name\":\"Cyber Law Blog\",\"description\":\"Exploring technology law in cyberspace\",\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.amp.legal\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\",\"name\":\"Alice M. Porch, P.A.\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"contentUrl\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"width\":1104,\"height\":1114,\"caption\":\"Alice M. Porch, P.A.\"},\"image\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\",\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"caption\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\"},\"description\":\"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.\",\"sameAs\":[\"https:\/\/www.aliceporch.com\",\"https:\/\/www.linkedin.com\/in\/alice-m-porch\/\"],\"url\":\"https:\/\/www.amp.legal\/blog\/author\/amplegal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GDPR Strengthens EU Data Privacy - Cyber Law Blog","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/","og_locale":"en_US","og_type":"article","og_title":"GDPR Strengthens EU Data Privacy - Cyber Law Blog","og_description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","og_url":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/","og_site_name":"Cyber Law Blog","article_published_time":"2018-04-22T01:21:24+00:00","article_modified_time":"2018-04-22T01:48:57+00:00","og_image":[{"width":900,"height":525,"url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2018\/04\/keylock.jpg","type":"image\/jpeg"}],"author":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#article","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/"},"author":{"name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f"},"headline":"GDPR Strengthens EU Data Privacy","datePublished":"2018-04-22T01:21:24+00:00","dateModified":"2018-04-22T01:48:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/"},"wordCount":411,"publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"keywords":["business","GDPR","privacy policy","state breach laws"],"articleSection":["Data Privacy"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/","url":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/","name":"GDPR Strengthens EU Data Privacy - Cyber Law Blog","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/#website"},"datePublished":"2018-04-22T01:21:24+00:00","dateModified":"2018-04-22T01:48:57+00:00","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","breadcrumb":{"@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.amp.legal\/blog\/gdpr-strengthens-eu-data-privacy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.amp.legal\/blog\/"},{"@type":"ListItem","position":2,"name":"GDPR Strengthens EU Data Privacy"}]},{"@type":"WebSite","@id":"https:\/\/www.amp.legal\/blog\/#website","url":"https:\/\/www.amp.legal\/blog\/","name":"Cyber Law Blog","description":"Exploring technology law in cyberspace","publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.amp.legal\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.amp.legal\/blog\/#organization","name":"Alice M. Porch, P.A.","url":"https:\/\/www.amp.legal\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","contentUrl":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","width":1104,"height":1114,"caption":"Alice M. Porch, P.A."},"image":{"@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f","name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","caption":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+"},"description":"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.","sameAs":["https:\/\/www.aliceporch.com","https:\/\/www.linkedin.com\/in\/alice-m-porch\/"],"url":"https:\/\/www.amp.legal\/blog\/author\/amplegal\/"}]}},"_links":{"self":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/523"}],"collection":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/comments?post=523"}],"version-history":[{"count":9,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/523\/revisions"}],"predecessor-version":[{"id":537,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/523\/revisions\/537"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media\/524"}],"wp:attachment":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media?parent=523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/categories?post=523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/tags?post=523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}