WIRED discusses the EU General Data Protection Regulation – GDPR – and how the new privacy law will likely change the way web sites collect data on its users:

Instead, companies must be clear and concise about their collection and use of personal data like full name, home address, location data, IP address, or the identifier that tracks web and app use on smartphones. Companies have to spell out why the data is being collected and whether it will be used to create profiles of people’s actions and habits. Moreover, consumers will gain the right to access data companies store about them, the right to correct inaccurate information, and the right to limit the use of decisions made by algorithms, among others.

The law protects individuals in the 28 member countries of the European Union, even if the data is processed elsewhere. That means GDPR will apply to publishers like WIRED; banks; universities; much of the Fortune 500; the alphabet soup of ad-tech companies that track you across the web, devices, and apps; and Silicon Valley tech giants.

As an example of the law’s reach, the European Commission, the EU’s legislative arm, says on its website that a social network will have to comply with a user request to delete photos the user posted as a minor — and inform search engines and other websites that used the photos that the images should be removed. The commission also says a car-sharing service may request a user’s name, address, credit card number, and potentially whether the person has a disability, but can’t require a user to share their race. (Under GDPR, stricter conditions apply to collecting “sensitive data,” such as race, religion, political affiliation, and sexual orientation.)

If you do anything on the web, which in 2018 is tantamount to asking someone if they have electricity, then this is a must read. Europe really is at the forefront of privacy law, and we can only hope other nations will follow suit. But since the web knows no borders, GDPR will apply to every company and organization operating on the web. So as a netizen, become familiar with this regulation and know what is, and is not, allowed.

There is a lot of talk about GDPR all over the technology industry, but specifically the web. In light of todays Cambridge Analytica story detailing how the company easily collected data from Facebook, protecting consumer privacy from continued breaches of trust is paramount. A lot of money is being expended on GDPR compliance and I really wonder just how it will change the landscape, if it will change the landscape.

Just as Cambridge Analytica was able to exploit loopholes in Facebook’s system, I wonder what company will be the first to find and leverage loopholes in GDPR, and what will happen to them for doing so.