- Microsoft will extend the data subject rights at the core of GDPR — such as the right to know what data Microsoft has on an individual and the right to deletion — to customers worldwide, according to a company announcement Monday.
- The company has systematized this promise in its updated privacy statement for consumer products and services, with transparency efforts to demonstrate changes made to the statement and tools for customers to exercise their data rights.
- The company has been invited to participate in official events in Brussels on Friday, when the European Union kicks the regulation into effect.
GDPR is almost here, and the world has caught on: just recently, the data protection regulation eclipsed Beyonce in Google search traffic.
Friday will mark the beginning of a new era in data protection, though with companies and regulators still uncertain of how the regulation will be enforced, it's shaping up to be a slow start. Regulators recognize many companies still need time to become fully compliant — whether by the complicated nature of changing data processes or procrastination.
Some companies have been gearing up for the legislation since 2016, however, and like Microsoft claim to have not only adopted the necessary measures for compliance but imbued the new data culture and practices across all corners of business.
Companies taking the spirit of GDPR and extending it to all global customers sit at the forefront of the changing data paradigm, embracing a growing understanding of data privacy as a human right. The action may payoff with customer loyalty and business efficiency down the road, but for now it is ultimately symbolic: mistakes or a lack of compliance outside the application area of GDPR are ultimately unenforceable.
Some companies, like Facebook, will roll out the "in spirit" protections to global users after May 25. Long-term, with the push for national data protection legislation in the U.S., these companies may benefit from already having the tools and processes in place.