Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A data subject is a person (or in some cases an entity) that can be identified through the use of available data markers, including items like names and unique identification numbers, as well as other identifiers like past purchase transactions, that are held by a third party. The use of the term “data subject” has been popularized by the General Data Protection Regulation (GDPR), a European standard adopted in 2018.
The term “data subject” is a way to refer stored personal data back to its corresponding person. The goal of the GDPR, writ large, is to manage the use of data by third parties, and to protect the privacy and rights of individuals who may have their personal data held in third-party reserves. For instance, the GDPR creates remedies for these individuals accessing their own personal information as it is held by third parties, and asking third parties to change or modify that information.
For example, suppose a European consumer bought an umbrella, and his or her credit card information and personal identifiers are held in an e-commerce database. Whether that business is American, or European (or of other origin), the EU rule states that a data controller must act on data subject requests coming from the EU, for instance, a request to change a faulty identifier, or rightfully delete data.