EU to Impose New Privacy Law on 2018, E-Commerce Businesses Must Prepare

From a decent point of view, an online business with a privacy policy has the exact management of the available information. This kind of policy is necessary in assuring both the owner of the website and the users the right agreement on how to gather, use, share and protect the users’ data during the actual visit from the website.

In the past years even when they introduced the Internet, majority of the web-based businesses do not have this privacy policy. However, the different issues that bother many ecommerce businesses online somehow triggered the decision to setup this type of policy and almost all business owners who run their websites imposed this guideline.

This is besides having a page for About Us, Terms of Use and Disclaimer.

Lately, there had been different reports online particularly in the United States about the implemented privacy policies of many businesses. As published through ecommercetimes.com, businesses in the U.S. have a privacy policy and regulated by the Federal Trade Commission (FTC). Under the rules of this commission, there is actually not necessary for a website to have such policy and if it has an existing one, the business must adhere to it and avoid any violation.

 

FTC actually can impose penalties and file lawsuits for businesses that do not adhere to their own privacy policy just like what happened to LifeLock, which the commission sued for its negligence before.

 

According to the news published by E-Commerce Times, there is a huge change next year regarding the privacy rights online of which the European Union (EU) will implement by May 2018. They are going to change the existing “EU Data Directive” or “EU Data Protection Directive 95/46/EC into “EU GDPR.” As detailed from the information about this new regulation, it will assure the data privacy rights of the citizens of EU and normalize the data privacy laws in the European region.

 

The basis of the regulations is that a person has a fundamental right to privacy and businesses or corporations have no right to sell or purchase such individual privacy.

 

As for those organizations in the United States, the reported news said that they might not learned about the upcoming policy of EU or think that they will only implement the GDPR in organization based in the European Union. On the other hand, it appears that this new policy next year will cover all the businesses or organizations that provide services or sell products, or that checks data coming from EU, and this is irrespective of the origin.

 

Any business or organization that provides service or sells products, or need to monitor information from the citizens of EU, the new regulations will cover them and subjected.

 

The published news information likewise revealed that businesses in America are now worrying about two important matters, which is enforcement and applicability. It may be possible that large-scale businesses can easily adjust to the new guidelines, but perhaps not for those small businesses. One reason is that they still need to determine if their clients are really origination from the European region.

 

The EU GDPR does not also exempt Cloud services because they usually store users’ data worldwide and not only in a particular region. This is the reason why they also need to learn about the upcoming regulations and determine of what effects they need to anticipate.

 

The current regulation mainly focuses on monitoring large-scale or multinational businesses and not those small-scales.  However, the new guidelines on May 2018 directly change this conventional approach. This is the exact reason why businesses in the U.S. and other parts of the world must start reviewing the available information about the EU GDPR ahead of time.

 

Surely, the penalties or charges for those who will not comply can hurt their finances and so awareness is very important.