Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

GDPR at Age 2: Nothing has Changed, yet Everything has Changed

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 28 May 2020 05:04:23 +0000 (UTC)
https://www.eweek.com/security/gdpr-at-age-2-nothing-has-changed-yet-everything-has-changed

By Wayne Rash
eWeek.com
May 27, 2020

If you were to believe the lofty ideals of Europe’s General Data Protection
Regulation, we’d have entered a world in which our personal information is
treated like the valued thing that it is. It would be carefully hidden away,
free from the prying eyes of hackers, telemarketers or corporate spies. Every
company that has business in the European Union would have a Data Protection
Officer, it would know where your data was, it would be able to limit access to
that data, or at your request, remove it entirely. Oh, and data breaches would
be a thing of the past.

But as we found out in eWEEK’s query to businesses about life after the GDPR,
that hasn’t happened. Neither have the other things that pundits suggested might
happen. For example, the United States hasn’t followed Europe’s lead and
instituted meaningful privacy regulations. While some states, notably
California, have privacy laws clearly inspired by the GDPR, those are by no
means the norm. And telemarketers are still getting your information and calling
you, and every product you’ve ever viewed online is still haunting you in ads
and searches years later.


GDPR actually causing some data breaches

We still see data breach reports from companies large and small, including
industry giants such as GE, Marriott and Carnival Cruise Lines reporting data
breaches. So what’s going on? As it happens, those data breach reports are in
many cases because of the GDPR. This isn’t to suggest that the law is causing
breaches, but rather that it’s resulting in companies reporting breaches. This
same reporting requirement is now raising its head in the U.S., which means that
companies that likely wouldn’t have reported a breach in the past are now
required to do so.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: