Beyond acting as a spam filter for all those emails you don't really want, what's this all about?

Four letters: GDPR.

GDPR stands for the General Data Protection Regulation. If it sounds complicated, well, it is.

It's a set of sweeping data privacy rules going into effect across Europe

and it applies to any company in the world with customers in the EU.

When it comes to the type of company that's affected by GDPR, who is it?

Everybody.

Everybody?

Absolutely everybody.

Regulators say the purpose of GDPR is to harmonize data privacy laws across the EU.

The basic goal is to give individuals more rights over how companies use their personal data.

So, for example, I now have to deliberately give consent to a company

if I want to keep receiving emails from them.

Or if I want a social media company to delete an embarrassing photo of me from when I was 16

because it's hurting my career, I have the right to do that.

For a consumer, it's brilliant because it means that you

are having a much greater say in what is done with your data.

GDPR goes into effect May 25.

But a recent survey from data analytics company SAS found only

half of companies worldwide say they'll meet the deadline to comply.

I think a lot of companies are sitting on their hands and seeing, how does this play out?

Tamzin Evershed has been overseeing GDPR compliance

at a U.S.-headquartered data management company for the past two years.

All our IT is out in the U.S. so it was quite new for them really,

the idea that they had to comply with a piece of European legislation.

Companies that aren't able to meet the requirements of GDPR face some serious fines -

up to 20 million euros or 4% of global annual turnover - whichever is bigger.

So for a tech giant like Facebook, that can equal over $1 billion.

And for a small business, it can mean make or break.

We've always historically had compliance departments. We've historically had IT departments.

What we're missing in the middle is the person that manages the data, the strategist as it were.

GDPR is providing opportunities for new jobs and companies in the data protection space.

Probably 80-90% of our business is GDPR-related right now.

Kyle DuPont is CEO of Ohalo, a London-based startup that provides “x-ray” scans

to help companies locate and track personal data.

European companies have definitely become very much aware of GDPR.

We're seeing a lot of traction recently just in the past month or so from U.S. companies

that sort of see an existential risk to bits of their businesses.

And they can either do two things.

They can pull out of Europe completely, or they can try to fix their problems.

GDPR is a headache for a lot of companies out there,

but it also looks like it's a win for consumers like you and me.

Hey everyone, Elizabeth here. Thanks so much for watching!

What do you think about GDPR?

Let us know in the comments section and leave us any other ideas.

Be sure to check out more of our videos over here.

See you later!