MvVO Art Launches AD ART SHOW
Tech

The New EU Data Protection Legislation Is Challenging US Cybersecurity Perceptions

The New EU Data Protection Legislation Is Challenging US Cybersecurity Perceptions

We now have less than a year left until the new EU General Data Protection Regulation (GDPR for short) comes into effect – and companies are rushing to prepare during this transition period. The GDPR, which will radically transform the landscape of data protection legislation and privacy as a right in Europe was adopted in April 2017, but won’t officially come into effect until May 2018. This intends to give affected entities the time to adequately prepare.

New Regulation, New Rules

One of the reasons behind introducing the GDPR was the continuous evolution in fields that require handling of personal data; it was generally recognised that developments such as social media, mobile apps, big data, and the cloud were not sufficiently addressed under the previous EU Directive. As technology advances, cybersecurity and privacy concerns become more elaborate and demanding. The GDPR is meant as a comprehensive answer that imposes further requirements and safeguards on private entities collecting, storing and processing personal data, thus commanding higher security levels.

EU Data Protection Legislation

Source: Pexels

For instance, under GDPR Article 25, two main security principles are laid out: data privacy by design and data privacy by default. Data privacy by design ensures that appropriate organizational and technical measures (such as pseudonymization and data minimization) that aim at protecting personal data are ingrained into the complete lifecycle of a company’s products and services. Data privacy by default limits the amount and type of personal data collected and processed to the absolutely necessary, while it also restricts access to it only to a specific number of people. Implementing these principles will tremendously change how we approach cybersecurity: for example, it will force companies to develop their primary cybersecurity approach as a proactive one, focused on the design phase and default options instead of asking users to opt-in.

GDPR Will Affect US Companies

It is widely known that the EU has been taking privacy very seriously – too seriously, according to some. The level of data protection accorded under EU law has been slightly higher and more rigid than US companies are accustomed to on their own turf. For example, even the definition of personal data is narrower under US law. But now US players must get used to the new regime and upgrade their cybersecurity strategy, because the GDPR will actually also apply to US companies providing goods and services, or generally monitoring the personal information of, individuals who find themselves within EU borders.

EU Data Protection Legislation

Source: Pexels

You do not actually have to be playing in the too-big-to-fail league to trigger the GDPR and incur fines for non-compliance; last November, Germany launched a data protection-related investigation into 500 companies that were based in the US but operating in the country. The corporations under scrutiny fell across a wide spectrum of capacity and size, ranging from microbusinesses to larger organisations. According to a report published on SecurityWeek in early July, 75% of US businesses falsely believe that the GDPR will not affect them – even worse, one-third of respondents could not identify where their company stores collected personal data and less than 50% of companies have already laid out an incident response plan for data breaches.

The deadline is approaching quickly and US companies seem to have a lot of catching up to do – not only in order to adhere to GDPR standards, but also to fulfil the fundamental cybersecurity requirements that are reflected in the new EU laws.

More in Tech

businessman software

Tips on Selecting Software Development Company for Your Business

Karthik KrishnanNovember 16, 2017
Data Entry

5 Things to Consider While Hiring A Data Entry Company

WriterNovember 15, 2017
Instagram,Pinterest

What to Consider Before Taking Your Business to Instagram or Pinterest

Karthik KrishnanNovember 14, 2017
Wireless dog fence

Top 6 Features and Qualities to Look For In a Wireless Dog Fence

Karthik KrishnanNovember 14, 2017
18650 Batteries

Best Ways to Make Your 18650 Batteries Last

WriterNovember 12, 2017
Brand

How Brands Play a Part in Our Decision-Making Process

WriterNovember 11, 2017
Mobile App

Three Reasons Why Creating Your Own Mobile App Is Easier Than Ever

WriterNovember 2, 2017
Mack Hacks

7 Useful Mac Hacks for Beginners

WriterOctober 23, 2017
Electronic drum sets

Working Modalities of Electronic Drum Sets – How Technology is Helping to Produce New Sounds

WriterOctober 23, 2017