Today's the day. If you've noticed a surge of emails lately from businesses telling you they have updated their privacy policies and asking you to agree to receive emails from them, it's because of the new General Data Protection Regulation (GDPR), which goes into effect today. GDPR requires businesses to protect the personal data and privacy of European Union (EU) citizens.
The E.U. wants to get away from the fast and loose Silicon Valley approach to data. No more "Collect it all, we'll figure it out later." Privacy must be in your design from the beginning. Business processes must be designed to protect citizen data and privacy rights from the start, not as an afterthought.
Personal data is the market inefficiency that companies like Google and Facebook exploited to conquer the world. They collected it virtually for free and sold access to marketers for revenue. GDPR is a recognition of this imbalance and the pendulum swinging back the other way. It's also European governments taking some power back from mostly U.S.-based economic juggernauts.