Editor's Note: If you're interested in learning more about GDPR, be sure to download this curated list of GDPR assets here.
Is it just me, or does there somehow seem to be an eerie correlation between the quickly approaching May 25th deadline for compliance with the General Data Protection Regulation (GDPR) and the increasing number of reported privacy violations, leaks, and complete system failures that are capturing headlines? Coincidence…or not?
All ‘conspiracy theory’ aside, over the last few weeks, we’ve heard about Chief Security Officers, Chief Information Officers, and even CEOs losing their jobs following a data breach that exposed their customers’ sensitive data to external parties. But the repercussions aren’t limited to an individual or department. A breach of this magnitude can cost a company not only up to billions of dollars in fines, but also a loss of public trust, brand deterioration and significant loss of business. Take, for example, the recent Uber incident, wherein the self-proclaimed ‘digital native’ taxi-alternative company failed to alert regulators across the world of a mass data breach that potentially put the personal details of 57 million customers and drivers into the hands of cyber criminals. In the UK, the cost for Uber could also be the renewal of its license in the capital with the Transport of London agency, something that will likely have a significant impact on its revenues…
Each day we’re seeing concrete cases illustrating the rising costs of penalties for capturing data without customer consent, or the fact that a loss of control over personal data could have a billion-dollar impact on a company’s market valuation.
The impact of GDPR is huge, not only as a regulation that ‘punishes’ companies that fail to comply with severe penalties, but also because data subjects (i.e. any European-based citizen who is an employee, customer, visitor, or user of your company’s products or services) are now understanding their new rights in the digital age and starting to ask the right questions, take the right steps and establish blocks against companies to protect themselves. At the same time, the voice of non-European citizens is getting louder when it comes to similar privacy rights and issues.
In fact, a recent survey by Pega Systems shows that data subjects (i.e. citizens) may be more prepared for GDPR than the companies with which they do business; i.e. 82% of European consumers plan to exercise their new rights to view, limit, or erase the information businesses collect about them. To the same extent that they leveraged their new right to be forgotten in Google since the European courts ordered the company to allow it in May 2014, data subjects are feeling empowered by their new rights, and will undoubtedly be more mindful of the personal data they share with any vendor at any time.
So, what does this mean for IT Leaders? We think there are two main things to consider:
Benchmarking surveys (like IAPP/Ernst and Young, or Deloitte) are showing that the toughest challenges are related to the second question. Most GDPR initiatives get stuck in paperwork and fail to enable companies to get hands on with the intimate details of protecting the personal data they possess. As a result, topics like consent management, data subject access rights, data portability, or right to be forgotten are not addressed. I would say this is a ‘band aid’ approach to addressing GDPR: it may be a satisfactory first step to show regulatory authorities that work is underway to sufficiently assess the risks and address any and all legal issues. However, this ‘band aid’ approach will fall far short of winning customer trust, which would result in a far more costly business impact than the fines you’re likely to incur from government entities.
Organizations should rather get hands on with their data and make sure they address the five pillars to get their data ready for GDPR:
In part II of this series, we’ll see how MapR and Talend can accelerate your data privacy compliance across those five pillars.
This was originally published on Talend.com here.