What New York Startups Need to Know About GDPR

You’ve probably noticed the flood of emails notifying you of new privacy policies and changes to online services that were enacted in response to the EU’s GDPR.

The General Data Protection Regulation (GDPR) was adopted by the European Union back in May 2016, but officially goes into effect today. Generally speaking, GDPR gives users of digital platforms more transparency and greater control over how their personal data is used.

By now, most (if not all) New York companies that have European customers have already changed their privacy policies and have worked ensure they are compliant with GDPR. But we also know many startups in our ecosystem don’t have European customers yet and have not needed to update their systems.

Just in case you’re not up to speed on these significant new regulations, we’ve published a policy brief that explains what GDPR is, how it affects New York companies, and what to look for in the U.S. when it comes to new data privacy regulations. Additionally, Wired has written a great in-depth walkthrough and the UK’s Information Commissioner’s Office offers a full compliance guide for businesses.

Tech:NYC co-chair Fred Wilson also wrote a short post outlining how GDPR will affect businesses. Wilson says GDPR “is the biggest user data privacy regulation to hit the Internet, at least in the last decade, and possibly forever.” He also says he hopes the U.S. and other countries will copy some parts of GDPR in the future while removing some of the “overwrought elements.”

As always, we will continue to monitor the issues surrounding data privacy and how it affects New York companies.