TODAY |

Kiwi companies revise email mailing lists as new European Union privacy laws kick-in

You may have noticed your inbox being inundated with emails from companies asking you to review their privacy policies, or asking you to re-subscribe to their mailing lists.

It’s a reaction to a new General Data Protection Regulation (GDPR) coming into force tomorrow, after being passed by the European Parliament two years ago.

The laws aim to give consumers better control of their own data, including the chance to 'opt-in' to sharing that data.

Among the key changes are:

  • The right to be forgotten, meaning all data about someone can be deleted.
  • The right to data portability, so any information companies store about customers can be demanded, and moved elsewhere.
  • And the right to be notified of any data breach as quickly as possible.

Privacy commissioner John Edwards says Kiwi businesses could be caught up in the far-reaching rules, "if they've got a place of business in Europe, if they're targeting European customers with European languages, if they're over 250 employees or they're collecting particularly sensitive sorts of data from European citizens".

"A New Zealand business that's doing business in Europe will have to be cognisant of these. We still don't know exactly of the application of the laws in New Zealand, so that's something we're going to find out more as the law's applied."

Entertainment organisation Auckland Live is among those who have sent out emails giving customers the opportunity to opt-in or out of their mailing list.

“Within the hundreds of thousands of people we have in our database, we will have patrons that are based in the European Union," Auckland Live’s David Bavage says.

“To protect them, and meet our obligations, we want to make sure that all our patrons are aware of the new [GDPR] legislation.”

AUT computer scientist Dave Parry says most businesses with a web presence will have to be wary of the new rules.

"It changes the relationship in some ways between the company and the consumer, in that the consumer then is seen very much as the owner of that data. And that you're giving it to the company for particular reasons," he said.

The dangers of privacy breaches, cybercrime and misuse of persona data had led to beefed-up laws in the EU. Source: 1 NEWS