In a “skim the surface” nutshell, the General Data Protection Regulation – or GDPR –will hold businesses even more accountable if they let consumers’ data fall into the wrong hands.

New regulations are set to take place in Europe this week, ones that are intended to provide better security and privacy for EU consumers. So what does the GDPR have to do with you as a U.S. consumer? And more importantly, why are all these companies emailing you about it all of a sudden?

The GDPR is giving a lot more protection to consumers. For example, the EU is invoking a broader “right to be forgotten” measure that is currently in place, one that lets you request—at least in Europe—that inflammatory or unfounded articles about you be removed from search engines. EU residents also have the peace of mind of knowing that a company now has 72 hours to report a data breach; even though you reside in the U.S., the company now has to report it almost immediately in Europe if it happens. There are several other new changes included in the GDPR, which you can read about here.

First, even though you may be in the U.S. if a company anywhere in the world gathers and/or stores EU consumer data, they have to comply with the new GDPR. As a result, some U.S. companies have updated their privacy policies and they’re simply informing their users and customers. That means companies like Facebook, Amazon, Walmart and many more are making some changes and spreading the word.

On a very positive note, some companies are using this new mandatory compliance to tighten up their security even in places where it’s not yet required by law. After all, if you’re changing your company’s business practices for millions of users in Europe, why not make all of your users’ information safer?

It’s important to note that these emails you may have received are simply informing you of the shift in privacy practices that will take effect this week. There’s nothing specific for you to do unless you’ve been given instructions, such as setting up two-factor authentication or changing your password. Also, this flood of emails can help you in another way: you may have forgotten you signed up for company emails. If that’s the case, now is a good time to delete your account if you don’t use it or change your old password if you wish to continue having an account. That way, you may be able to avoid having your information compromised if one of those companies is ever the victim of a data breach.


For toll-free, no-cost assistance, contact the Identity Theft Resource Center at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.