Request a Quote

Experts laud GDPR at five year milestone

We Keep you Connected

Experts laud GDPR at five year milestone

Experts laud GDPR at five year milestone
Your email has been sent
The GDPR, in effect for five years on May 25, has influenced the U.S. data privacy laws and is likely to exert itself when AI creates a new set of privacy challenges.
Fundamentally, the General Data Protection Regulation’s right-to-privacy focus — giving people provenance over their data — allows individuals to dictate how companies, including data brokers, use their personally identifiable information.
GDPR — a set of data privacy regulations throughout the European Union — has extra-territorial scope, meaning platforms and websites outside of the EU that traffic in the PII of those inside the EU must also comply with its directives.
The largest consequence of this provision to date in monetary terms was this week’s $1.3 billion fine on Meta and the order to stop processing European Union user data in the U.S.
As consent management platform Cookiebot explains it, GDPR laws stipulate that a website engaging with visitors from inside the EU, and before processing personally identifiable information must:
Several experts weighed in on the virtues of the GDPR at WithSecure’s Sphere23 event in Helsinki, Finland.
“The European Commission is criticized for many things, but GDPR is the one thing where it can hold its head up high and say, ‘We’ve led the world in this.’ As regulatory milestones go, it’s the equivalent of climbing Everest. And it seems to be working as other jurisdictions are following suit,” said Paul Brucciani, cybersecurity adviser at WithSecure.
He noted that internet fragmentation, driven by the quest for digital power, created complexity that the EU addressed with the GDPR, and which it is also applying to new technologies. “For example, AI is the next big field that will need regulating, and the EU has again made a head start on this with its proposed AI Act, a legal framework that is intended to be innovation-friendly, future-proof and resilient to disruption,” he said.
Sylvain Cortes, the VP of strategy at Hackuity, said it’s a good start, but not enough.
“Compliance is essential, but we urge organizations to take the opportunity to think beyond baseline requirements to develop a culture of continuous cyber improvement,” he said. “It’s important to remember that achieving compliance shouldn’t be treated like ‘exam-cramming’ with last-ditch efforts to achieve annual or quarterly audits. The goal is to achieve more than the minimum requirements and move away from the tick-box mindset. GDPR compliance is necessary, but it is far from sufficient for modern organizations,” he added.
While the U.S. lacks national data privacy laws, eight states so far have enacted either comprehensive privacy legislation or more limited or tailored legislation giving consumers power over how their personal data is trafficked. Among them are:
Maine, Colorado, Utah, Iowa, Indiana and Connecticut are also on the growing list of states with comprehensive or tailored privacy laws. Montana, Texas and Florida also have similar bills awaiting governors’ signatures.
Jeff Reich, executive director at the Identity Defined Security Alliance, said these laws and others coming owe their provenance to the GDPR.
“The rock in the pond that is the GDPR continues to cause ripples that affect everything in the vicinity,” he said. “Seven years after the GDPR was adopted, five years after enforcement began, it is difficult to not see the results of the regulation, to date. Merchants and vendors know what they need to do, even when they do not know how to do it yet. The best behavior change is with consumers.”
He said the biggest long-term benefit may be consumers’ ability to see the value of their identity and the security that protects their personal data.
Stay up to date on the latest in technology with Daily Tech Insider. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that will help you stay ahead of the game.
Experts laud GDPR at five year milestone
Your email has been sent
Your message has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Get up and running with ChatGPT with this comprehensive cheat sheet. Learn everything from how to sign up for free to enterprise use cases, and start using ChatGPT quickly and effectively.
Get the most out of your payroll budget with these free, open source payroll software options. We’ve evaluated the top eight options, giving you the information you need to make the right choice.
We highlight some of the best certifications for DevOps engineers. Learn more about DevOps certifications.
With so many project management software options to choose from, it can seem daunting to find the right one for your projects or company. We’ve narrowed them down to these ten.
This Microsoft PowerToys app simplifies the process of visualizing and modifying the contents of the standard Windows Registry file.
Stay up to date on the latest in technology with Daily Tech Insider. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that will help you stay ahead of the game.
PURPOSE Onboarding and offboarding employees requires careful attention. Otherwise, team members may receive insufficient permissions to perform their jobs or continue to have access long after their employment’s termination. Given the stakes, the problem is even worse when managing IT staff permissions, so it’s imperative that your company adopts a system to ensure consistency. Employees, …
PURPOSE TechRepublic Premium presents 10 tips for the Firefox open-source browser. Even if you only follow some of these, you’ll find your browser experience to be much improved. From the article: 1. USE CAUTION WITH ADD-ONS AND THEMES This is one of the first tips I always offer. I’ve seen web browsers with so many …
PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems …
PURPOSE Whether due to budget cuts or performance, letting staff go is sometimes a necessity. There are many steps and considerations HR managers need to navigate when it comes to employment termination. Enlisting an employee termination checklist, like this one from TechRepublic Premium, can help supervisors, managers and HR put in place best practices and …

source

 

Enterprise Guardian (EnGuard) specializes in HIPAA Compliant Email for the Healthcare Industry.
HIPAA Compliant Email, Telehealth & Cloud Made Easy.

 

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE