Like many security professionals, Quentyn Taylor, Director of Information Security at Canon wanted a new set of data protection regulations for Christmas. With the EU Data Protection Regulation being passed this week, Christmas has come early for the security industry.
By Quentyn Taylor, Director of Information Security at Canon
For too long we have suffered under inconsistent and wildly different EU data protection legislations, and recently even the rough ’protection‘ of Safe Harbour has been ruled non legal.
At the top of my Christmas list this year was the upcoming EU General Data Protection Regulation. It’s been in the making for four years and on Monday 15th December, was passed.
Why does it matter?
The new EU General Data Protection Regulation will force companies to disclose any data breaches, strengthening European citizens’ privacy protections. Here are three ways the act is going to impact consumers and businesses when it will take effect in two years’ time in all member states.
It will spark a generation of data-savvy consumers…
The new regulation will open the public’s eyes and finally allow them to understand the real value of their personal data. With companies being forced to disclose breaches, consumers will recognise how their data is being used and that it has a monetary value for organisations. They will assess if giving it away has more risks or benefits, and might decide not to trust organisations with their sensitive data at all.
…but won’t really affect consumers’ purchasing decisions
While consumers might try to avoid using a certain retailer or vendor for a while following a breach, convenient access to goods and services will always trump holding back data and missing out. Just ask yourselves: How many of you have changed your games console as a result of a data breach?
It will impact the B2B2C market the most
This is a market where consumers are at one end but businesses will be selling to them via a third party. Businesses tend to be very averse to data breaches, especially if it’s their customer’s data that has been breached by an intermediary. They are aware of how much a breach might affect their reputation and the bottom line, therefore carefully evaluating if they want to use a careless middle man. The regulation is a significant step in data protection. And a much better Christmas present than socks.
Follow Quentyn Taylor on Twitter: @Quentynblog