The General Data Protection Regulation, or GDPR, taking effect in the European Union on May 25 was created to protect EU citizens from potential abuses, like the recent Cambridge Analytica scandal. Though the timing may seem striking, it is coincidental: This law has been in the works for more than four years. GDPR will replace the Data Protection Directive (95/46/EC) of 1995.
Under GDPR, companies can be fined up to 4% of their worldwide annual revenue from the previous financial year. This is a staggeringly large penalty. A violation could cost Facebook, for instance, up to ~$1.6 billion. The number would be much greater for companies such as Google and Amazon.
1 – Consumer control
Source:: AdAge – Digital