What is GDPR? , Why GDPR is needed?, For which GDPR is applicable? All there questions we will discuss in this article...
GDPR is a regulation in EUROPEAN UNION (EU) to give control citizens and residents of EU and EUROPEAN ECONOMIC AREA (EEA) over their personal data.
## What is GDPR? ##
European parliament adopt GDPR in 2016 to replace the outdated **DATA PROTECTION DIRECTIVE , 1995** and the **2008 framework decision on cross-border data processing in police and judicial cooperation** within the EU.
To protect the personal data and privacy of European citizen (EU) and European Economic Area (EEA).Personal data may include name, home address, image, email address, post of social networking websites, etc.
The regulation was to **take effect after two year** transition period and ,unlike a Directive it does not require enabling legislation to be passed by government;means it has been forced since May 2018.
## Why GDPR is need? ##
>*“data is the oil of 21st century”*
From above phrase importance of date can be understand.
Due to rapid increase in the involvement of internet in our private, professional, and public life we need a data protection regulation, so that without violating the individual privacy, the businesses and other activities can run smoothly.for example:-
Now a days almost every people use **Facebook, Whatsapp, Twitter, Truecaller ,Paytm, Chrome** etc and when these apps are installed, they require different type of permission like location, contacts, photos, microphone, camera etc by these permission they collect our private data and they may sell or share with third party by which they misuse our data.
![Whatsapp required permissions during installation]
#*Whatsapp required permissions during installation*
> *The potentail c saw millions of users’ data scraped,allegedly to*
> *influence the outcome of the 2016 US election.*
![fb required permission during installation]
#*Facebook required permission during installation*
> *According to RSA Data Privacy & Security Report, 80% of surveyed*
> *consumer (surveyed 7,500 consumer in FRANCE, GERMANY, ITALY, UK & U.S)*
> *lost their banking and financial data like security information (e.g.*
> *passwords) and identity information (e.g. passports or driving*
## For which GDPR is applicable? ##
It is applicable to data controller (company that collect data from EU), processor (which process the data on behalf of data controller) and data subject(person).
![GDPR on social networks]
The GDPR is not only applicable to organizations located within the EU but it will also apply to organizations located outside of the EU if they offer goods or services to,or monitor the behaviour of EU data subject.
It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of company’s location.
## In the context of india ##
As the indian ITes, BPO and pharma sectors company have cover large market in European countries so they have to process the data of people of EU. So indirectly these Indian companies will also have to follow the EU’s GDPR regulations.
Over the last eight years, India has seen multiple aborted attempts at enacting data protection and privacy legislation. In the last year, momentum has gathered in the form of the **Justice Srikrishna Committee** on data protection, which will soon present a draft bill to the ministry of electronics and information technology.