In Europe They’re Giving Users Control of Their Online Data

The European Union is introducing tougher rules for how data collectors gather and use its citizens’ information and let consumers control their own data. Starting May 25, all 28 EU nations will be applying the General Data Protection Regulation, which sets new standards for any holder of sensitive data, from Amazon to local government councils. These rules will apply to any company that collects the personal data of EU residents. Plenty of firms are scrambling to make sure they’ll be able to comply even as some privacy experts are pressing for similar rules in the U.S.

Companies will have to post clear notices for users and get their “unambiguous” consent to collect data, instead of burying an OK inside fine print and legal jargon. That means the EU will no longer tolerate the confusing “terms and conditions” that must be agreed to while signing up for a fitness tracking app or ordering groceries online. It will be as easy for consumers to opt out of giving consent as to opt in, and they’ll have the right to refuse that their data be used for direct marketing purposes. Consumers will have the right to retrieve their data and give (or sell) it to another business. Collection of data on children under the age of 16 will be banned without parental approval.