NEW YORK (CBSNewYork) – You may have noticed your inbox is flooded lately with several companies suddenly announcing new privacy policies.

Hundreds of companies have been alerting customers because of a new law in Europe.

“My inbox is crazy right now,” one woman told CBS2’s Reena Roy.

“I’ve been getting probably about two dozen emails, so far,” said another.

That’s because if they have any European users, they now have to comply with a new law called the GDPR, or general data protection regulation, which essentially gives European Union residents more control over their data.

“I think right now you’re seeing a shift of power in who has the power over our data. Do we have more power?” said Bridget Carey, senior editor of CNET.com.

More: What Is GDPR? Everything You Need To Know About Europe’s General Data Protection Regulations

To avoid billions of dollars in fines from the EU, many tech giants are keeping things simple by changing their policies for all users worldwide, letting people access their own data and see how it’s being used. They can even request it to be deleted. The law also requires companies to alert users of a breach within 72 hours.

“Folks like Microsoft and Apple are figuring ‘well, if we have to rearrange our whole privacy policy for them over there, we can make it apply to Americans, as well,’” Carey said.

“It does provide that extra level of comfort,” one man said.

“With all the data breaches that are going on, I think any type of additional protection we can have to our security will be important,” said a woman.

But some Roy spoke with said they’re not sure how much of a difference the changes will actually make and wondered how they will be monitored.

“It’s in the right direction. I just don’t know if it will be enforceable,” a man said.

For now, here in the U.S., companies have no legal obligation to release any data to users who request it, despite what their privacy policies may say.

Published reports say within hours of the new law taking effect Friday, lawsuits were filed against Facebook, Google and WhatsApp. A privacy advocacy group claims the companies have failed to comply with the law.