By: John Mancini on October 25th, 2017
Are You Ready for New European Data Protection Regulations?
Compliance | Privacy | GDPR
GDPR, the new EU data protection regulation, is just around the corner. The amount of personal data stored by companies and governments has ballooned, and the value of that data has multiplied as more and more personal business is transacted on the internet. Identity theft has become far more prevalent. In addition to the disruption to businesses and the impact on customer loyalty that data breaches create, many jurisdictions are looking to bring their data protection legislation in line with the new, internet-based world – although unfortunately, not into alignment with each other.
However, there is a fundamental transformation underway. In the digital economy, information is the currency of exchange. And, information knows no boundaries. Harmonization of regulations that fosters the free flow of information while strengthening privacy and security rights is imperative for policymakers. Take the EU and US trading block as an example. The total value of goods and services between the two largest trading blocks is estimated at $5.5 trillion employing 15 million. Cross border flows between the EU and the US are estimated to be 50% higher than any other trading block. 65% of US investment in information technology is in the EU.
These troubling trends are prompting regulators to bolster data security and privacy legislation to impose stricter obligations on businesses and data controllers. The new European Data Protection Regulation (EU GDPR) is the most immediately visible evidence of what will soon be a tidal wave of national and industry information privacy and security regulations.
Historically the EU has had a high bar for privacy protection; privacy is considered to be a fundamental human right. Article 7 of the EU Charter of Human Rights stipulates that “everyone has the right to respect...private and family life, home and communications.”
As a response to advances in digital technologies such as big data, cloud computing, and predictive analytics, coupled with revelations of bulk data collection and profiling by intelligence services, the General Data Protection Regulation (GDPR) is a comprehensive overhaul of privacy legislation which considerably strengthens and expands privacy rights.
It spans more rigorous consent requirements data anonymization, the right to be forgotten, and breach notification, which could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year -- whichever is the greater -- being levied by data watchdogs. For other breaches, the authorities could impose fines on companies of up to €10m or 2% of global annual turnover -- whichever is greater for the average Fortune 500 company, that puts fines in the range of $800-900M.
In our new e-book –Information Privacy and Security: GDPR is Just the Tip of the Iceberg, we focus on five key questions that should be on every C-level executive’s list of priorities:
- How has the environment for information privacy and security changed?
- What is GDPR, why should you care, and what does it mean for your organization?
- What does “Privacy by Design” Mean?
- How will the Internet of Things make the privacy equation even more complicated?
- What should your organization do about all of this, and what role will machine learning play in solving the problem?
About John Mancini
John Mancini is the President of Content Results, LLC and the Past President of AIIM. He is a well-known author, speaker, and advisor on information management, digital transformation and intelligent automation. John is a frequent keynote speaker and author of more than 30 eBooks on a variety of topics. He can be found on Twitter, LinkedIn and Facebook as jmancini77. Recent keynote topics include: The Stairway to Digital Transformation Navigating Disruptive Waters — 4 Things You Need to Know to Build Your Digital Transformation Strategy Getting Ahead of the Digital Transformation Curve Viewing Information Management Through a New Lens Digital Disruption: 6 Strategies to Avoid Being “Blockbustered” Specialties: Keynote speaker and writer on AI, RPA, intelligent Information Management, Intelligent Automation and Digital Transformation. Consensus-building with Boards to create strategic focus, action, and accountability. Extensive public speaking and public relations work Conversant and experienced in major technology issues and trends. Expert on inbound and content marketing, particularly in an association environment and on the Hubspot platform. John is a Phi Beta Kappa graduate of the College of William and Mary, and holds an M.A. in Public Policy from the Woodrow Wilson School at Princeton University.