The General Data Protection Regulation – or GDPR for short, what does it mean for the normal guys and gals on the streets? Like myself for instance? First of all when you have waded through the thousands of messages asking you, nay plead with you to reply to agree to continue receiving messages which you might or not, have replied to; you will have found nothing has changed. You will still receive all these useless emails, especially on Gmail and including scams. One of the problems is that ordinary citizens, yes me included tend to put too much personal data on the web. Whilst I do not subscribe to Twitter or Facebook at all (yes, I am an anachronism) there are literally millions who will tell you all accompanied by loads of photos. So, what about protection then? Scammers and criminals will just laugh at the GDPR regulations. Governments can regulate whatever they want but in the end it will all depend on public acceptance and compliance. The best way to protect your data is NOT to give it in the first place. Or decide what can be seen and read and what not, what you can and will allow others to use (like email addresses). Furthermore do find ways to find out how much data is held about yourselves. Google will allow most of it to be deleted but you will have to search a bit about where it all is. If you are worried about Tesco or any other supergiant market holding all this stuff about what you like to eat, well bully for them I recently started to like potatoes again. Frankly it is of small consequence if they know I like black pudding, at least it might mean I will be able to get it locally! The main problem as always is - advertising. Businesses have found the Internet to be an exceptional way to advertise their wares and services. Whatever you have bought from Amazon will be recorded and you will receive adverts accordingly. Personally I do not mind too much because it keeps the wheels turning. But at the same time one would hope companies will treat your data with respect.
The excerpt from Wikipedia about business probably says it all - Business processes that handle personal data must be built with data protection by design and by default, meaning that personal data must be stored using pseudonymization or full anonymization, and use the highest-possible privacy settings by default, so that the data is not available publicly without explicit consent, and cannot be used to identify a subject without additional information stored separately.
Let's hope it will work!