If I were to summarize the GDPR, I would do it this way: If the customer explicitly consents, (almost) everything can be done. Explain properly, ask questions and wait for approval. That’s what companies have to do. The reactions from the companies who contact me as a customer or user make me partly believe that it is not only American entrepreneurs who don’t care what your customers want. The question is never asked. Neither consent, nor rejection is given.
In my previous blog post titled Google joins the EU-U.S. Privacy Shield, I outlined the background of the EU-U.S. Privacy Shield Agreement (hereinafter referred to as the EU-U.S. Privacy Shield), which entered into force on August 1, 2016. In this post, I’ll take a look at the outcomes from the European Commission’s first annual review of the implementation of the EU-US Privacy Shield.
When we talk to customers and prospects about enterprise software in the cloud – such as Google G Suite – we often encounter reservations about privacy and data security. Do US companies such as Google, Microsoft & Co. really maintain the high standards that are legally binding in Germany and the EU? Attorney Wikey Chada takes a look at the facts.