Long-term planning essential in the wake of GDPR

Businesses have been warned that long-term IT planning was only going to become more important as Governments look to the future with digital compliance legislation.

And with European data regulators already fining well-known companies for breaches in current regulations, businesses best stay one step ahead to protect their data, and themselves.

Advice

This was the advice from a senior figure in the UK’s Information Commissioner’s Office (ICO), as she called on technology policymakers and leaders to look further ahead when creating data legislation.

The ICO is the UK’s independent regulator for data protection and information rights law. It recently fined ride-sharing giant Uber over its mishandling of customer data having previously hit Facebook with a maximum £500,000 fine after the social media website was found to have let app developers access users’ data without properly notifying them.

Impact

Speaking at a Westminster eForum entitled ‘Next steps for commercial use of data – opportunities, consumer rights and developments in best practice’ and attended by Penta, ICO Director of Strategic Policy (International) Anneke Schmider said: “The things we do today impact us tomorrow. I am a mother of three teenagers and I am worried about what footprint they have and what it is going to be like in 10 or 20 years’ time.”

She said the public was being made increasingly aware of their rights to ensure their personal data was not being misused since the EU’s GDPR rules came into force earlier this year and she called on policymakers to put the consumer first when planning future research, development and innovation rules.

Implementation

“August saw 10,412 concerns reported to the ICO and this is huge. This is post-GDPR implementation and we are not seeing it flagging away. This means the public is aware of what is going on and what its entitlements are. There were also 4,056 data security incidents reported in Q2 alone, so we are being kept busy.”

The UK has been very tough on businesses which break data rules since the introduction of GDPR. MPs have attempted to haul Facebook founder Mark Zuckerberg to explain a large-scale data breach, and Heathrow Airport was fined £120,000 in October by the ICO over ‘serious failings’ in its data protection practices.

With this in mind, she said Governments were increasingly planning data legislation with the long-term protection of consumers in mind. And businesses should follow suit.

Planning legislation

She said: “How do we include ethics, data protection and privacy by design for long-term benefits for the industry and for consumers? I would argue consumers need to be put first because that is the way we get a sustainable industry.”

“We also need to look at how we assess the long-term impacts as new areas in the digital economy emerge.”

Penta’s multi-tiered steps to security.

Penta deploys a host of security measures and strict access protocols to ensure its clients’ data is kept safe, as Chief Operating Officer Hossein Fezzazi explains:

“We maintain multiple firewalls and other security programs on our servers, each with different strengths to ensure that even if one firewall is breached, there are still more layers in operation.

“On top of this, our clients can choose exactly who they want to access their servers and what security clearance they need to do that. Additionally, we can provide clients with regular or real-time reports of all attempts to access their data.

“By having multiple layers of security software, clearly defined criteria controlling which people can access our clients’ data and reports on those who attempt to do so, Penta provides a multi-tiered security system to ensure our clients and their data stays safe.”

ICO issuing big fines

 UK ministers target Zuckerberg
 Government wants answers from Facebook chief 
 The Guardian 

 Facebook hit with maximum fine
 £500,000 fine for social media giant
 ICO.org 

 Uber suffers huge data breach
 2.7 million UK Uber accounts hacked
 Which?