GDPR: A Force for Good?

  • techUK techUK
    Monday06Nov 2017
    Opinions

    Guest blog post by Nabil Nistar, Marketing Manager at Securestorm as part of our #procuring4growth week

The General Data Protection Regulation (GDPR) has come at an interesting time in our lives. People make their personal data readily available to companies or through a multitude of social media tools, either knowingly or unwittingly. Just looking at the proliferation of ‘Connect’ requests on Linked-In, Facebook etc gives a sense of our personal data being available to a wide body of people and organisations.

I recently heard a comment that GDPR was brought in by the EU as a way to break what was seen as the data monopoly by some organisations. However, I like to think GDPR was brought about to strengthen the rights of individuals; improve protection by fixing what wasn’t working in the previous legislation; and enforce consistency across Europe by now passing a Regulation rather than a Directive.

Public bodies, Government agencies etc. do not have a good track record of protecting people’s data – looking at the ICO website for enforcement action for Q1 2017 shows that 73% of all incidents were in this sector. That doesn’t mean that the private sector can gloat as 27% is not a good situation either!

For those of you who were involved in the much-maligned Y2K or ‘Millennium Bug’ you could be excused for thinking that GDPR was déjà vu. It’s been 20-ish years since the Y2K projects started but the same “it’ll never happen” versus “we’re all doomed” comments seem to be resurfacing; the 2-4% global turnover regulatory fine has been effective at focussing attention on GDPR.

I worked in a trading floor at the time and there was a huge (i.e. expensive and time-consuming) project to identify affected systems and processes. Quite a few instances were discovered and it did stop ‘things’ working. Was it the end of the world like some predicted: no. Would it have impacted operations on 01/01/00 if left unchecked: yes? Was it a timely overhaul of outdated systems and processes: definitely yes!

What the lead up to Y2K did do was focus staff, and most importantly, the executive’s attention to the risks and impact of doing nothing - sound like current conversations? The risks of doing nothing far outweigh the investment. Did that result in getting systems, infrastructure and controls updated: yes.

GDPR is an opportunity for anyone who thinks in such terms: we all win as our data will be more secure and we won’t be constantly pestered unless there is a lawful reason to do so.....and if there isn’t we can object and stop it; the public and private sectors can win as there is an opportunity to transform, streamline and improve their IT/processes and stop hoarding (and therefore paying to store) data; IT and developers can win if they design privacy into their tools – it makes them more attractive (and marketable) if they can say exactly what data is expected and the data flows are already mapped out.

I believe that there are many opportunities for the implementation of GDPR for SMEs, and that it will be a great example of how an SME can deliver a positive change in Government. Not one to fear.

About Securestorm

Securestorm was formed when our co-founders made a decision to leave the limitations of the Big 4 environment to set up a lean, responsive cyber security consultancy that provided practical advice with the aim to simplify the world of Cyber and Cloud Security.


Complete techUK's SME Survey here and help us make the case on your behalf.

Share this

FROM SOCIAL MEDIA

ICYMI: On Tuesday @techUK hosted a panel session on digital ethics and the world of work at #CogX19 for #LTW. You c… https://t.co/sDwLJG9j1R
Read our report to see that blockchain solutions are working in the market. techUK feels that these problems can an… https://t.co/14gghO7S8U
techuk and our returning sponsors @ComputacenterUK and @FDMGroup look forward to seeing you at #techUKAnnualDinner.… https://t.co/zUdcBo7AhQ
Interested in how we can keep track of carbon emissions when outsourcing to the cloud? Next week, techUK is hosting… https://t.co/StkTotncFv
Key to its #DigitalIndia programme is the Cashless India Innitiave. With world-leading expertise in #Fintech in the… https://t.co/IrWX4IzlND
The Indian Government is currently pushing three key tech innitiatives: #DigitalIndia, a #smartcitiesindia programm… https://t.co/B0TL7wxDxe
An extremely packed #LTW2019 is drawing to a close, but before it does we are hosting the @techUK @nasscom Alliance… https://t.co/3GJOehTknx
Great morning @techUK, starting the day with the 4th meeting of the UK-India Tech Alliance, discussing the growing… https://t.co/9Ybw78VJ9p
Head of Cyber @TRajab introducing @techUK’s next #Q4TheLoo event at @CapgeminiUK, looking at how to build a profile… https://t.co/q6cgVRl8V2
Become a Member
×

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...