European Data Protection Reform – How to minimize impact and costs

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

Read more of this post

European Data Protection Reform – How to prepare for what is coming

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

How to prepare for what is coming

U.S. companies who market goods and services to European consumers should not wait for the regulation to enter into force. You should act promptly to avoid the disruptions and the liability resulting from an untimely implementation of these new rules.

At a minimum, your checklist should include: Read more of this post

European Data Protection Reform – Should you worry yet?

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

 

Should you worry yet?

According to Viviane Reding, EU Justice Commissioner, there is a full commitment of the European bodies to pass this legislation by the end of the year. However, the experts are skeptical with regard to a swift approval by the council of ministers of the EU member states. Read more of this post

European Data Protection Reform – The Enforced Data Privacy Officer

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

 

The enforced Data Privacy Officer – revenue generation for lawyers?

For private legal entities, the obligation set forth in Art. 35 of the regulation to designate a Data Privacy Officer (DPO) only applies to the processing of personal data that affects large amounts of individuals (≥ 5000 data subjects in 12 months) or regular and systematic monitoring of data subjects or the processing of special categories of data, location data or children´s data in large scale filing systems. Read more of this post

European Data Protection Reform – 24 hour disclosure or undue delay?

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

 

24 hour disclosure or undue delay?

The new regulation establishes the consumer right to know when their data has been “hacked”. Companies and organizations must notify the national supervisory authority of serious data breaches as soon as possible, if feasible within 24 hours, so that users can take appropriate measures. Read more of this post

European Data Protection Reform – The 100 Million Euro Fine

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

 

The 100 million euro fine: outrageous sanctions set a disturbing precedent.

Under the current national European data protection laws enacted or amended in the wake of Directive 95/46/EC, administrative fines are rather limited – i.e. in Germany the maximum fine is €300,000 – and rarely imposed at all. The new regulation entails a paradigm change in that it introduces substantial sanctions for non-compliance with the new rules. Read more of this post

European Data Protection Reform – What you should know.

European Data Protection ReformIf your company touches any Europeans’ data you’d better prepare for what’s coming.


The EU data protection reform is steadily moving forward. On March 12, 2014, the European Parliament adopted the current proposal in its first reading. The new regulation is intended to strengthen consumer privacy rights and to boost Europe’s digital economy. However, many experts across the Atlantic have expressed deep concerns with regard to some controversial aspects of the incoming laws, which introduce bigger fines, 24 hour disclosure and the enforced Data Privacy Officer. The proposed regulation applies to the processing of personal data pertaining to data subjects in the EU even if the controller or processor of such data is not established in the EU. U.S. companies with or without operations in the EU that fail to comply with the new rules can trigger fines up to €100 million. If your company touches any Europeans’ data, you’d better prepare for what’s coming and know what to do to minimize the impact on your organization when the regulation is enforced.

 

EU regulation vs. U.S. laws: a matter of cultural bias?

The consolidated version of the EU commission´s proposal for a General Data Protection Regulation following the LIBE Committee vote of October 21, 2013 differs fundamentally from the U.S. approach to the protection of personal data. “Whether one approach is better than the other, is a question of data protection culture. You might think that these are two extremes. On the one hand you have very restrictive regulation with higher fines, which are in my opinion over the top. On the other hand, there is so much leeway under the U.S. data protection laws that you can do almost anything as long as it’s not specifically prohibited.” observes Andreas Leupold, the German IT attorney recipient of the “Lawyer of The Year 2013” award who advises clients across Germany, England and the U.S.

Read more of this post

Mobile Security: iOS Jailbreaks Pose Risks

Mobile Security: iOS Jailbreaks Pose RisksJailbreaking is happening in the millions: don’t turn a blind eye.



The latest jailbreak for iOS 6.1, released on 4 February, was downloaded by a whopping 5 million users in the first 48 hours alone, according to the website stats posted by Cyril (a.k.a. pod2g), the developer of the latest hack published on evasi0n.com. During these first two days, the websites served 40 million page views of which a good 50 per cent to 2.5 million unique visitors from the U.S.

Read more of this post

Icebergs, The Nordics, and Other BYOD Considerations

The BYOD iceberg headed towards your businessNew data shows that companies are increasingly exposed to security risks due to a variety of consumer-grade technology brought in by the employees.


I just returned from a tour in the Nordic countries where I presented to the local press the results of the latest BYOD survey* conducted by YouGov on behalf of Trend Micro. The data collected from 3,012 interviews across Norway, Sweden, and Denmark highlights many details of this controversial IT Trend. Most importantly, the research confirms an undeniable truth: Companies around the world are exposed to increasing security risks due to a variety of consumer-grade technology brought into the enterprise by the employees and inevitably used for work-related activities.

Read more of this post

The Financial Impact of Consumerization – The Hidden Costs

BYOD Financial CostsExecutives and IT leaders are struggling to understand the true costs and benefits of IT consumerization and it’s not difficult to see why. Even a cursory Google search on the subject throws up as many questions as it does conflicting answers. The reason is that no comprehensive research has been conducted into the financial impact of such programs before.

That’s why Trend Micro recently decided to take the bull by the horns and commission Forrester Consulting to conduct a rigorous, scientific study – interviewing over 200 IT leaders in the US, UK, France, and Germany. With the results we have begun to build an accurate picture for the first time of what organizations are measuring in their BYOD programs and the cost impacts, in order that IT leaders can go away and begin to formulate for themselves an effective cost benefit analysis.

Read more of this post

Follow

Get every new post delivered to your Inbox.

Join 27 other followers