The impact of the GDPR
On 25 May the EU’s General Data Protection Regulation (GDPR) comes into force for the 28 member states, but the impact is already far wider as the regulation affects any organisation that keeps data on an EU citizen, which includes all the global internet giants. It also comes at a time when there has been one of the most high-profile data breaches with the Facebook/Cambridge Analytica “scandal”. Among the news and commentary on the introduction of the GDPR:
- The Economist considers that the GDPR’s premise, that consumers should be in charge of their own personal data, is the right one. “The failings of America’s self-regulatory approach are becoming clearer by the week,” it says. While the legislation is too complex, compliance costs for smaller firms, in particular, look burdensome, and the “right to be forgotten” would not work in the US, “these are arguments for using the GDPR as a template, not for ignoring the issue of data protection”.
- Larry Downes, at the Georgetown Center for Business and Public Policy, considers that the GDPR, and calls for similar regulation in the US, “may lead to the end of what has long been the internet’s grand bargain: the exchange of free or subsidised content for personalised advertising”. Downes says this could threaten the free and open internet and some consumers won’t be able to afford certain services. Read more
- A possible casualty of the GDPR is ICANN’s public database of domain name registrations (called WHOIS). The Article 29 Data Protection Working Party has written to ICANN expressing concerns that the WHOIS directories and services will not be compliant.
- EU law makers are also scrutinising the issue of metadata processing in the context of new EU laws on privacy and electronic communications (the e-privacy regulation). Metadata is information such as numbers called, websites visited, location, or the time and date a call was made. Read more
- The United Nations trade and development agency, UNCTAD, has called for global action on data protection. It says about 90% of new internet users in the past 5 years live in developing countries but 60% of these countries do not have any data protection legislation in place. Read more
- Gemalto, a digital security specialist, in its latest Breach Level Index, reveals that 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. Read more
- Thursday, 26 April 2018