How to find the silver lining in the EU’s looming General Data Protection Regulation penalties
- by 7wData
With less than a year remaining until the European Union’s new General Data Protection Regulation kicks in, the level of hyperventilation in the business world has reached epic proportions.
An April study by Veritas reports that 86 percent of organizations worldwide are concerned that a failure to adhere to GDPR’s strong privacy guidelines could have a “major negative impact on their business,” and 18 percent fear it could put them out of business entirely. Another study fielded in the U.K. warned that FTSE 100 companies could face fines of as much as £5 billion each.
It’s always good to be prepared, but excessive handwringing at this point does little good and may obscure the positive impacts of GDPR in driving corporate security awareness, according to one expert. Darron Gibbard has studied the Regulation as it evolved from a patchwork of local standards over the past 20 years both in his current role as chief technical security officer at Qualys Inc. and in his previous role as head of risk and information security services at Visa Europe Ltd. In an interview with SiliconANGLE, Gibbard said much is still unknown about the details of GDPR and how aggressively it will be enforced.
“You can’t be too careful, but we don’t know how it’s all going to play out,” he said.
Organizations are particularly alarmed by the harsh penalties the regulation specifies: up to €20 million or 4 percent of a company’s annual worldwide sales for each infraction, whichever is greater. If enforced to their fullest extent, these fines could wipe out many businesses, but Gibbard believes that isn’t the EU’s intent.
“Everything about the current regulations is based on the seriousness of the breach,” he noted. “I’m a firm believer that there would have to be a similar approach” to GDPR enforcement, such as a sliding scale of fines based upon the number and severity of violations. In the meantime, the severity of the fines is getting companies focused on the changes they have to make and drawing the attention of C-level executives. “I think it’s more about fear and forcing organizations to take privacy more seriously,” he said.
The overarching goals of GDPR are laudable: Put control of personal information back in the hands of individuals, and force businesses to exercise greater responsibility when handling personal information. Businesses with sound data governance and classification procedures should experience little inconvenience and may even gain an edge over competitors who are struggling with compliance.