How the GDPR will affect – and disrupt – online businesses. And why Idka has nothing to fear.

A major shift will take place in May next year when the General Data Protection Regulation, GDPR, is being implemented in Europe. Behind the dull name hides the most important and revolutionizing privacy regulation in decades. It will have a severe impact on the tech world.

The GDPR protects private online users from the interests of businesses and gives people more control over their own data. The new set of laws, which are to be implemented in the entire European Union, demand that companies dealing with user information, for example Google and Facebook, in order to do so need to get the users approval.

Vague general terms and conditions such as the ones being used today will not be valid under the new regulation. Exact information is going to be needed – what data is collected, why is it collected, where is it going and lastly “are you okay with this?”. People will need to specifically and actively approve all use of their data. The GDPR also requires way more transparency as to where information comes from, making it possible for users to for example back track where personalized ads origin from.

Previous information rules have been deemed toothless because of a lack of consequences when broken. Not this one.

Companies that misuse user’s online data according to the rules will under the GDPR risk fines totaling up to four percent of their total worldwide turnaround. That could mean that in the case of for example Google breaking privacy rules fines could add up to 30 billion dollars (based on Google’s 2016 revenue).

The regulation will oblige companies to within three days inform national regulators of data breaches. People will also gain further power to demand that companies remove data about them from the internet that is no longer relevant or accurate.

Another important point of the GDPR is that the laws does not only apply to companies within the EU, but all companies that have data on EU citizens.

All these factors will have major consequences for a long row of tech companies, small scale as well as big fish.

The Italian lawyer Giulio Coraggio, specialized on the internet, data and e-health, has said that many within the industry still “underestimate the amount of work that will be required” to live up to the new set of rules. According to him many companies, even big ones, doesn’t understand that this law might affect their entire business model.

For example, all Google’s personalized ads will require that you “opt-in” to see them – in other words you have to sign an agreement saying that you accept that Google directs ads at you. Furthermore, Gmail mines all your emails for information – also this would require for you to “opt-in” amongst with a number of other of the companies’ functions.

Facebook, another of the data collecting giants, will also face challenges. Information that gives up a person’s political opinion, ethnicity, race, religious beliefs, trade union membership, sexual orientation or other info concerning peoples sex life cannot be used without explicit consent (except if they have been made public by its “owner”) meaning that all private posts will be out of Facebooks reach unless the user actively gives the permission to deal with that data.

Facebook and Google are both companies that are directly in touch with the subjects whose data they use. For all those other third-party businesses trading with information the new rules will pose a serious issue: how are they going be able to get an approval from the subject matter since they lack channels of communications directly to them?

According to a survey done by Netscope only 1 in 5 companies are confident that they will be able to comply with the new regulations.

Amongst those 20 percent we find Idka – a new type of private social media collaboration platform built not on the model of doing business with data but on the contrary created from the idea that the customers integrity and privacy is what matters.

So why are the founders of Idka not worried about the GDPR?

You might already have guessed it.

Idka is already 100 percent compatible with the new set of strict rules that the General Data Protection Regulation will bring in May 2018. Not because Idka has been forced to adapt its business model but because Idka’s core values are beginning to be reflected by legislators.