GDPR: What does it really mean?

rakhirhif8963 · Post by **rakhirhif8963** » Sat Feb 08, 2025 9:20 am

Companies involved in major data breaches faced minimal or no legal liability. Although major data breaches can result in significant losses, not only direct and indirect, but also reputational damage, the affected organizations largely survived the disaster and continued to operate as usual. Simply put, even the high costs associated with data breaches, including regulatory fines, failed to drive change. The damage from user data breaches was perceived as a predictable and manageable business risk.

These are the prerequisites for the adoption of the GDPR. Its objectives included solving the listed problems and drawing attention to the question: why is data protection so important?

What does GDPR mean for the average user?
The need for the GDPR became even more apparent ahead of its entry into force on 25 May 2018, following another high-profile incident. This was the Cambridge Analytica and Facebook data breach . It was discovered that the personal data of 87 million Facebook users had been secretly collected in 2016 and used for political purposes. This unfortunate discovery was a stark reminder of the need to raise awareness among data subjects about the fact of data collection. The organisations involved in collecting and processing this data were also faced with the task of improving their procedures.

The incident, which occurred at the height of the honduras mobile database hype, cost Facebook about $600,000 in fines, cost the company $60 billion in stock value, and exposed it to potential lawsuits and fines from the U.S. government, giving data companies a clear example of the significant negative consequences of noncompliance.

This and other incidents showed that companies often kept security incidents under wraps and only disclosed them at the last minute, when the incident could no longer be hidden or after publication in the press. Data subjects were often unaware of security incidents that exposed their personal data to third parties.

Changing this state of affairs, where the data subject could not influence the situation in any way, and the companies whose activities resulted in the leakage of the subject's personal data did not bear any responsibility, and also tried to hide the fact of the leak, was one of the reasons for the emergence of the GDPR.