New data law ‘will help con­sumers re­claim con­trol’

The Irish Times - Business - - TECHNOLOGY - CHAR­LIE TAYLOR

New data reg­u­la­tions to be in­tro­duced across the Euro­pean Union next year are be­ing pro­moted as if they are pro­foundly neg­a­tive, when in fact they will en­able con­sumers to re­claim con­trol over their per­sonal in­for­ma­tion, ac­cord­ing to a lead­ing se­cu­rity ex­pert.

Speak­ing on a re­cent visit to Dublin, Paul Duck­lin, a se­nior tech­nol­o­gist at the se­cu­rity soft­ware and hard­ware firm Sophos, said dis­cus­sion around Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR), has tended to fo­cus on is­sues such as big­ger fines for companies, rather than high­light­ing the ben­e­fits for both busi­nesses and the pub­lic.

“The GDPR fo­cus is on the data breach side of things and the fines as­so­ci­ated with it. The re­al­ity is that there are 99 ar­ti­cles or sub­sec­tions in the leg­is­la­tion, of which only three re­late to breaches,” said Mr Duck­lin.

“It is hard to fault much of the mo­ti­va­tion in GDPR be­cause it specif­i­cally says that companies will no longer be able to just col­lect what­ever in­for­ma­tion they want to use as they see fit. You can’t say I’m col­lect­ing data and I might find a use for it in 10 years’ time. There has to be a spe­cific rea­son why it is be­ing col­lected and GDPR helps set the guide­lines on what is ap­pro­pri­ate to col­lect,” he added.


GDPR is the most com­pre­hen­sive data pro­tec­tion leg­is­la­tion to be passed in the his­tory of the EU. The reg­u­la­tion gov­erns the pri­vacy prac­tices of any com­pany han­dling cit­i­zens’ data. It also re­quires that pub­lic au­thor­i­ties and cer­tain companies pro­cess­ing per­sonal data on a “large scale” must have an in­de­pen­dent data pro­tec­tion of­fi­cer.

Mr Duck­lin said GDPR was very much a case of the EU say­ing con­sumers should have more of a say over what hap­pens to their data and ques­tion­ing why oth­ers might want it in the first place.

He also said GDPR, which comes into ef­fect in May 2018, may pose chal­lenges for busi­nesses, but was of ben­e­fit be­cause it would force them to take greater care over data.


Mr Duck­lin’s com­ments come as a sur­vey re­veals 77 per cent of Ir­ish con­sumers plan to take ad­van­tage of their new rights when GDPR comes into force.

The study of 1,000 adults, com­mis­sioned by an­a­lyt­ics firm SAS, shows two-thirds of adults welcome the right to ac­cess to in­for­ma­tion stored on them while 66 per cent want the right to erase data.

In ad­di­tion, 63 per cent want the right to rec­tify in­for­ma­tion about them if it is in­ac­cu­rate or in­com­plete, with 62 per cent wel­com­ing the right to re­strict pro­cess­ing of per­sonal data.

Mean­while, new re­search from Baringa Part­ners re­veals companies risk los­ing up to 55 per cent of cus­tomers in the UK if they suf­fer a sig­nif­i­cant per­sonal data leak.

Of these, 30 per cent of re­spon­dents said they would switch provider im­me­di­ately upon hear­ing of a breach.

Newspapers in English

Newspapers from Ireland

© PressReader. All rights reserved.