Data security and protection rules being brought in by the EU will affect how businesses can use social media to gather personal information.
The new rules are considered the biggest shake-up in data protection within the last 30 years. The General Data Protection Regulation has just been approved by the European Parliament and it will be in place beginning May 2018. For the first time, genetic data and biometric data is covered by the regulations.
Legal experts have said that this new regulation is aimed at protection of individuals and their personal data. Companies will have to prove not only that they had permission to gather the data but that the subject was aware of how the data was to be used. The company will also be required to demonstrate that they were using the data for the purpose that was originally stated and that they will only hold onto the data for as long as they need it for that purpose.
Individuals will also have strong rights to have their data erased or corrected if needed. The aim of the new regulations is to improve transparency so individuals can understand who has their data and how it is being used. Companies will find that their ability to pass on data to other interested parties will be restricted unless the subject has already agreed to this. Companies will also need to be aware that if a data subject access request is received it will need to be answered within a month.