GDPR Turns Six: Reflecting on a Global Privacy Benchmark

The EU's flagship data protection law, the General Data Protection Regulation, celebrated its sixth anniversary on 25th May '24.
Since coming into effect in 2018, its stringent requirements for enhanced security controls and data privacy have consistently raised awareness about the issues surrounding the storage and processing of personal data.
This regulation has set a global benchmark, becoming a model for regulators worldwide.
The GDPR was designed to protect individuals' fundamental rights and freedoms, especially their right to personal data protection.
As internet usage became more widespread, the EU Parliament recognised the need for updated guidelines to adapt to a more connected world where data is the common currency.
The GDPR was created to replace the 1995 Data Protection Directive used across various European countries.
In the past six years, €4.5 billion has been paid in GDPR violation fines, according to research by Nordlayer.
Spain, Italy, and Germany have imposed the largest fines.
Since the GDPR came into effect, individual data protection authorities have issued 2,072 violation decisions.
Spain holds the worst record, with 842 fines totaling €80 million since 2018.
Compliance has been an uphill struggle for many organisations, but its impact in helping individuals manage their data better and holding organisations accountable for data mishandling cannot be overstated.
The GDPR has reshaped how we manage data, enforcing a much-needed prioritisation of privacy rights.
I don't think it goes far enough when I look at data protection legislation in places such as Jamaica.
People criticise the administrative burden that the GDPR imposes, in particular, the compilation of records of processing activities or RoPAs.
My view is that RoPAs are very difficult to put together and maintain but not because they are a bad idea, but because organisations have allowed their data processing activities to balloon with very little control.
The challenge of documenting those data processing activities is therefore burdensome - but the requirement to bring them under control is not the thing that should be under pressure and reformed.
Another popular area for GDPR bashers is in relation to its ability to cater for the emergence of new technologies including AI. The thought process I believe, depending on what camp one is in, is either that the GDPR is too restrictive to allow AI to flourish, or that it is too weak to properly regulate AI. My view is that it's actually pretty well-placed.
Equally, the process of undertaking a data protection impact assessment on an AI project is often hampered by organisations not being able to adequately get under the skin of their AI tools.
Surely they need to in order to understand what data protection and privacy risks they may pose.


This Cyber News was published on www.itsecurityguru.org. Publication date: Tue, 28 May 2024 16:43:06 +0000


Cyber News related to GDPR Turns Six: Reflecting on a Global Privacy Benchmark

GDPR Turns Six: Reflecting on a Global Privacy Benchmark - The EU's flagship data protection law, the General Data Protection Regulation, celebrated its sixth anniversary on 25th May '24. Since coming into effect in 2018, its stringent requirements for enhanced security controls and data privacy have ...
6 months ago Itsecurityguru.org
Thought GDPR Compliance Was Hard? Buckle Up - COMMENTARY. Five years since the European Union's General Data Protection Regulation took effect, its fingerprints are everywhere: from proliferating privacy laws worldwide to the now-ubiquitous consent banners seen across websites of every kind. For ...
1 year ago Darkreading.com
Privacy Education for Students: A Vital Curriculum Component - Recognizing privacy as a fundamental right, educators are increasingly acknowledging the importance of integrating privacy education into the curriculum. This article explores the significance of privacy education for students and its role as a vital ...
11 months ago Securityzap.com
WhatsApp Fined €5.5 Million for Enforcing Data Processing Update - Heimdal Security recently reported that WhatsApp, the world’s most popular messaging service, has been fined €5.5 million by the Italian Data Protection Authority (GPDR) for violating user privacy. According to the report, the WhatsApp ...
1 year ago Heimdalsecurity.com
Holistic Approach To Privacy and Security in Tech - In this article, I would like to explain how I tackle privacy and security issues that are specific for large scale web and mobile applications and Big Tech. First, let's outline some of the biggest challenges Big Tech companies deal with in terms of ...
1 year ago Feeds.dzone.com
Privacy Isn't Dead. Far From It. - EFF is one of dozens, if not hundreds, of organizations that work to protect privacy. Millions of people read EFF's website each year, and tens of millions use the tools we've made, like Privacy Badger. Privacy is one of EFF's biggest concerns, and ...
10 months ago Eff.org
Business Data Privacy Laws: Compliance and Beyond - Governments worldwide have implemented strict data privacy laws to protect individuals' information in the face of increasing cyber threats and data breaches. Let's dive into the world of business data privacy laws as we navigate the complexities of ...
10 months ago Securityzap.com
Building a Privacy-Centric Organization with FireMon - As organizations increasingly rely on technology to streamline operations and connect with customers, the need for robust privacy measures has become more critical than ever. Here at FireMon, we play a pivotal role in building a privacy-centric ...
10 months ago Securityboulevard.com
Enhancing Home Privacy with Technology: Your Digital Shield - In an ever-evolving world, technology has become increasingly integral to home privacy. Smart lock systems, video doorbells, motion sensors, security cameras, and automated privacy settings are some of the popular home privacy tech options available. ...
1 year ago Securityzap.com
Protecting Student Privacy Online - In the rapidly evolving world of online education, the protection of student privacy has emerged as a critical concern. This article delves into the privacy risks associated with online education and highlights the significance of complying with ...
11 months ago Securityzap.com
What CISOs Need to Know About Data Privacy in 2024 - While consumers continue to demand stronger personal data protections, companies are scrambling to keep track of an ever-evolving patchwork of applicable laws and regulations. In this environment, cybersecurity professionals need to understand the ...
11 months ago Cybersecurity-insiders.com
Transcend enhances its privacy platform to address current and future compliance challenges - Transcend announced an expansion of its product suite-going even further to help the world's best brands manage complex privacy compliance challenges. Powering privacy for Fortune 100 companies, the global 2000s, and high-growth start-ups, Transcend ...
1 year ago Helpnetsecurity.com
Telus Makes History with ISO Privacy Certification in AI Era - Telus, a prominent telecoms provider, has accomplished a significant milestone by obtaining the prestigious ISO Privacy by Design certification. This certification represents a critical turning point in the business's dedication to prioritizing ...
1 year ago Cysecurity.news
Privacy Badger Puts You in Control of Widgets - The latest version of Privacy Badger replaces embedded tweets with click-to-activate placeholders. This is part of Privacy Badger's widget replacement feature, where certain potentially useful widgets are blocked and then replaced with placeholders. ...
11 months ago Eff.org
My Yearly Look Back, a Look Forward and a Warning - 2023 saw cybersecurity and privacy law arrive at a crossroads, especially with regard to the regulatory landscape. This is the time of year when it is traditional to look back at the past year and extrapolate forward to make predictions for the year ...
11 months ago Securityboulevard.com
Securing the Digital Frontier - As we navigate through a world brimming with data, understanding the evolving landscape of data protection is not just a necessity but a responsibility. This intricate dance among technology, societal norms, and regulatory frameworks shapes our ...
10 months ago Feeds.dzone.com
Mine's $30M boost will bring AI-based privacy to the enterprise - The shift in regulation for both consumer and employee privacy in both the U.S. and the European Union has increased an enterprise's responsibilities around privacy for both their employees, as well as their customers. Ringel emphasized that their ...
1 year ago Venturebeat.com
Latest Release of CIS Security Standards for February 2023 - We are delighted to announce the release of the new CIS pfSense Firewall Benchmark v1.0.0! We would like to express our gratitude to Touhid Shaikh and Daniel Brown for their hard work and communication which made this release possible. CIS ...
1 year ago Cisecurity.org
Strata Identity Reins in Global Access and Compliance Challenges With Cross-Border Orchestration Recipes - PRESS RELEASE. BOULDER, Colo., Feb 15, 2024 - Strata Identity, the Identity Orchestration company, today announced Global Access Orchestration Recipes that manage the complex identity relationships and processes associated with meeting data ...
10 months ago Darkreading.com
Mine Secures $30M in Series B Funding - PRESS RELEASE. BOSTON and TEL AVIV, Israel, Dec. 5, 2023 /PRNewswire/ - Mine, a pioneering company disrupting the data privacy market, announced today that it has raised $30 million in Series B funding, co-led by Battery Ventures and PayPal Ventures, ...
1 year ago Darkreading.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
11 months ago Securityboulevard.com
Tech Privacy: Navigating the Age of Digital Surveillance - Users generate and share a significant amount of personal data with third-party companies, highlighting the importance of understanding data ownership and privacy. Technology offers benefits such as data encryption, two-factor authentication, and ...
1 year ago Securityzap.com
Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day - The roots of Data Privacy Day can be traced back to the European Data Protection Day, marking the historic signing of Convention 108 on January 28, 1981 - the first-ever international treaty addressing privacy and data protection. Fast forward to ...
10 months ago Cybersecurity-insiders.com
Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day - The roots of Data Privacy Day can be traced back to the European Data Protection Day, marking the historic signing of Convention 108 on January 28, 1981 - the first-ever international treaty addressing privacy and data protection. Fast forward to ...
10 months ago Cybersecurity-insiders.com
Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day - The roots of Data Privacy Day can be traced back to the European Data Protection Day, marking the historic signing of Convention 108 on January 28, 1981 - the first-ever international treaty addressing privacy and data protection. Fast forward to ...
10 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)