For decades, oil was considered to be the world’s most valuable commodity. Due to its relative scarcity and society’s dependence upon it, this resource has been at the center of countless conflicts. Today, the story has changed; “black gold” has been deposed, as digital gold becomes more and more sought after. They say that data is the oil of the 21st century. The ability to know, through data, who we are gives companies immense power in the creation of business opportunities. And the abuse of this information can, naturally, raise concerns among consumers and legislators. These concerns have led policy-makers to invoke increasingly strict measures for the protection of personal data, a process which this year will reach its peak. 2018 will be the Year of Privacy.
The battle for privacy
Our privacy is at stake. The Internet has made the boundary between the public and the personal more porous than ever before. However, Internet users are increasingly aware of the relevance of protecting their identity online.
With this in mind, Data Privacy Day is celebrated every January 28 in order to raise awareness and promote data protection and healthy privacy practices. This celebration aims to educate users on the importance of protecting their online identity. It also seeks to encourage companies to implement technological solutions to respect user privacy. The date is no coincidence: it corresponds to the anniversary of the signature in 1981 of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, one of the pioneering documents in the field of data protection.
More Data, More Responsibility
Although storing large amounts of customer data can offer multiple business opportunities, it also implies a high level of responsibility. The hardening of data protection regulations and the growing number of cyberattacks are making it necessary to increase investments in privacy. The combination of customer data and employee data puts enormous pressure on security.
The global production rate of new data is increasing exponentially. According to IDC estimates, in 2025 there will be 163 ZB of data, ten times the data generated in 2016. Yes, that’s… let’s see, 163,000,000,000,000,000,000,000 bytes of information flowing around the world! Moreover, as indicated by IDC, 90% of the data generated in 2025 will require some type of security, but less than half of it will be protected.
GDPR: Four Letters to Define 2018
May 25, 2018. Security experts the world over have circled this date on their calendars with big red markers. On that day, the adaptation period stipulated by the regulatory bodies of the European Union for GDPR compliance will expire. This is the primary reason that we are calling 2018 “The Year of Privacy”.
At this point it is unlikely that you have not heard this acronym, but we’re here to summarize the fundamental aspects of the regulation that will revolutionize personal data protection not only in Europe, but worldwide.
The General Data Protection Regulation (GDPR) seeks to protect the privacy of citizens of the European Union and control how companies and institutions process, store, and use their personal data. It is the result of advances that have been made in the field of personal data protection, beginning in the 80s. The rapid evolution of technology was making the previous legislation obsolete, giving rise to the GDPR, the legal framework by which the European Commission intends to eliminate the ambiguities of the previous directive (Data Protection Directive 1995) and unify the specific legislations of each member country of The EU.
The fact that it is a unique, EU-approved regulation has generated many questions among companies, with two questions above all others: What happens with companies from European countries that are not part of the EU? And with companies from other continents? As we explained in this post, the GDPR applies to all companies that process EU citizen data, regardless of their location. This confusion has led to very few companies being adequately prepared for the GDPR.
In recent months we have also debunked some other myths that surround the GDPR. One of the most widespread is the idea that we must encrypt all data to comply with the GDPR. Another: the personal data that we already have in our database is not subject to the GDPR. (Both are false).
Knowing the ins and outs of the regulation is the only way to avoid being caught off-guard. To simplify this task, we highlighted some of the main changes stemming from this new regulation and explained a series of recommendations for your company to be prepared. The inherent risks of unpreparedness are considerable: fines that could reach up to 20 million euros, as well as potential reputational damages and loss of customers.
So now is not the time to rest on your laurels. Four months away from the GDPR’s becoming a strict requirement, the protection of privacy and personal data must become a business priority. To help you on the road to compliance, we have created this microsite. Don’t wait until May!