Get Started Today!  (415) 295-4898

croom new

415 IT Blog

European Union’s GDPR: One Year Later

European Union’s GDPR: One Year Later

2018 will be remembered as the year where data privacy was altered forever. From Facebook’s many problems to the launch of the European Union’s General Data Protection Regulation, data privacy has never been a bigger issue than it is today. Let’s take a look at how the GDPR has affected the computing world in 2018-19 and how the past year’s events have created new considerations in individual data privacy.

The GDPR

Before the introduction of the GDPR, individual data privacy was largely an individual’s responsibility. To be fair, in non EU-affiliated circles, it largely still is, but the launch of the GDPR brought to light a lot of issues that people have been talking about for some time: mainly the use of their personal information for corporate financial gain. The GDPR was a response to concerns that some organizations were playing fast and loose with individual’s data that included personal information like names, addresses, email addresses, as well as medical and financial information. In profiting off the capture and sales of this information, the largest corporate tech companies created revenue off the backs of people, creating situations that were simply unfair to consumers and users of these services.

For years leading up to the ratification of the GDPR, EU member states had been legislating their own data protection laws. This trend has been roundly rejected in the United States, but with the implementation of the GDPR, corporations that see themselves as members of the global economy had strict new guidelines to meet in order to be able to use individuals’ data in the same manner as it had been. The GDPR was an amalgamation of these laws and firmly required all businesses to report certain types of personal data breaches within 72 hours to a supervisory authority mandated by EU member nations.

Not only did it give the consumer a voice in the ongoing data collection and distribution scheme, it made businesses cognizant just how important their data management is for the people they depend on. Before the GDPR was in the news, not many organizations were thinking about how a failure to protect customer, staff, and vendor information could negatively affect anyone but themselves. This has led to a wholesale change in the way businesses view data management, the training of their staff, and security investments as a whole.

One Year In

Now that the GDPR has been in place for a year, the results have been mixed. Over 59,000 personal data breaches have been identified by companies that have resulted in notifying regulators. Since sanctions for failing to comply with GDPR mandates carry fines up to €20 million, or up to 4 percent of total revenue from the previous year (whichever is larger), you are seeing a more targeted and strategic approach to keeping data secure, and reporting it quickly when a data breach does happen. To take a look at the results the GDPR had in its first eight months, download the DLA Piper GDPR data breach survey, here.

The takeaway is twofold. Firstly, the GDPR has resulted in a major improvement in data breach reporting speed. Since the mandate gives companies up to 72 hours to notify breached parties, it sets a strict deadline. You likely won’t see situations like the Yahoo! breach where they sat on the information for a year before letting anyone that was affected know they had been breached. The GDPR has also resulted in nearly doubling the amount of reported incidents, not an insignificant number.

On the other hand, fines adding up to €55,955,871 have been levied against the companies responsible for the 59,000 reported incidents, a modest amount for the first year when you consider that about 90 percent of that sum was a single fine levied against U.S. tech giant Google. A French GDPR regulator suggested that this be marked down to more of a transition year than some type of long-term ineffectiveness of the law. It remains to be seen just how effective the law with be if regulators aren’t actively enforcing it.

Effects Abroad

Many U.S. companies do business in mainland Europe and fall under the GDPR regulator's jurisdiction, but domestically, there has been a major change in the way data privacy is viewed. Over the past year, a lot has happened in the U.S. on the individual data privacy front. Not only has the GDPR lit the fire of legislators, it has major tech firm CEOs, such as Apple’s Tim Cook, calling individual data privacy a “fundamental human right”.

While Mr. Cook seems to be in the minority of American tech company leaders (as can be seen by the €50 million GDPR Google fine), it is a step in the right direction. The state of California, not long after the GDPR went into effect, passed its own sweeping (and some would say hastily thrown together) data privacy law, the California Consumer Privacy Act, to protect the residents of the Golden State. Colorado, Massachusetts, and Ohio followed suit with privacy laws shortly after California’s CPA was ratified.

This is good news for individual privacy in the U.S. It’s a far cry from only a few short years ago that resulted in some pretty damning situations for online consumers. Federal lawmakers have balked at making waves of their own in regards to data privacy, but if history is any indication, when states begin passing laws that are outside the norm, the U.S. Congress typically acts to fill the breach.

If you would like more information about the GDPR, subscribe to our blog, or call one of our knowledgeable IT professionals at (415) 295-4898.

You Can Benefit from Productivity Consultations
Tip of the Week: Keyboard Shortcuts for Slack
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, October 15 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Data Backup Business Computing IT Support Hosted Solutions Data Network Security Privacy Cloud Data Recovery Software Outsourced IT IT Services Internet Email Managed IT Services Malware Tech Term Business Innovation Hackers Computer User Tips Efficiency Cloud Computing Windows 10 Collaboration Business Management Small Business Ransomware Microsoft Google Hardware Paperless Office Upgrade Phishing Business Continuity Managed Service VoIp Mobile Devices Android Communication Managed Service Provider Encryption Communications Remote Monitoring Server Office 365 Vulnerability Backup Smartphones Workplace Tips Internet of Things Cybersecurity Passwords Managed IT Artificial Intelligence Laptops Business Technology Holiday Disaster Recovery Saving Money Wi-Fi Help Desk Save Money Document Management Quick Tips Healthcare Managed IT services Browser Applications Data Management Information Antivirus Redundancy Scam Government Bandwidth Mobile Device Automation Tip of the week Microsoft Office Compliance Blockchain BDR Processor Smartphone Project Management Employer-Employee Relationship RMM Customer Relationship Management Chrome Two-factor Authentication Router Social Media VPN Analytics Windows 7 Machine Learning Website Access Control BYOD Windows Data Security Vendor Management Infrastructure IT Management Avoiding Downtime Tablet File Sharing Miscellaneous Users File Management Data Loss Dark Web Network Management Internet Exlporer Smart Technology Alert Proactive Consultation Monitoring Maintenance Storage Facebook Bring Your Own Device HIPAA Utility Computing Financial Remote Monitoring and Management Networking Operating System Mobile Security Professional Services Training Search Unified Threat Management Employees Unified Communications Downtime Files Recycling Virtual Private Network Mobility Company Culture Gmail The Internet of Things Cooperation Server Management Network Risk Management Remote Workers Word Gadgets Regulations Patch Management IoT Software as a Service Net Neutrality Management Assessment Computing Infrastructure Hard Disk Drives Sensors Mobile Computing Address WiFi Conferencing Microsoft Excel Database Mirgation Hard Drive Spam Enterprise Content Management Printing Augmented Reality Notes Wearable Technology Star Wars Human Error Identity Theft Enterprise Resource Planning Techology E-Commerce Theft SaaS Proactive Maintenance App Authentication Google Calendar Fraud User Management Electronic Medical Records Computing Alerts Solid State Drives Payment Cards Geography Meetings Voice over Internet Protocol Projects Cache Travel Value of Managed Services Social Networking Technology Laws Remote Worker Virtual Reality Touchscreen Hacking PowerPoint Display OneNote Permission Information Technology Identity Outlook Disaster Resistance Features Firewall Time Management Cybercrime Screen Reader Emergency Multi-Factor Security Authorization Teamwork Comparison Licensing Heating/Cooling Options Telephone Modem High-Speed Internet Printer Politics Return on Investment Remote Computing Technology Tips OneDrive Managed Services G Suite Unified Threat Management Office Private Cloud Data Warehousing Flexibility Trending Tech Support How To Test Shared resources Going Green Mobile Shortcut Proactive IT Electronic Health Records Procurement Distributed Denial of Service Statistics Database Management Smart Tech WPA3 Legislation Consulting Specifications Servers 5G Mobile VoIP Development Instant Messaging Settings Personal Information Digital Payment Hotspot Manufacturing Vendor Motherboard Chromebook Bookmarks ROI Operations Virtual Assistant Bitcoin IT Technicians Cost Management Lenovo Employee-Employer Relationship Recovery Virtualization Batteries IT Consulting Cyberattacks Social Managed IT Service Bluetooth GDPR Connectivity Samsung Fleet Tracking Zero-Day Threat Managed Services Provider Mobile Device Management Black Friday Wireless Internet Big Data Cookies Cables SharePoint Customer Service Transportation Active Directory Migration eWaste Wireless Mouse Language Password Smart Devices Vulnerabilities Mail Merge User Error Favorites Apps Money Wasting Time Current Events Superfish CIO applications Remote Work Managing Stress Data Breach Read Only Security Cameras Break Fix Asset Tracking Backup and Disaster Recovery Point of Sale Tech Terms Cyber Monday Staff Websites Employer/Employee Relationships Nanotechnology Wires Downloads MSP Finance Permissions Windows Server Chatbots CEO Printers Students Daniel Stevens Regulation Marketing Twitter Education

Latest Blog

Traditionally, small businesses don’t use their data in the same way as larger companies. This is largely because they may not think they have a lot of data. Well, I’m here to tell you that even small businesses can have big data. Let’s go over three ways small business can ...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...