GDPR - Big Data or Big Bang for businesses?
The new E.U. data protection framework, General Data Protection Regulation (GDPR), was approved over a year ago without the majority of the business community and corporates even knowing it or realising what it will involve when it comes into force in May 2018. Meanwhile, qualified Data Protection Officers (DPOs) are rubbing their hands in glee as all organisations and public institutions with more than 250 workers will be obliged to recruit a DPO. In this article our consultant Dr. Alejandro Kress, who has pursued his doctorate in privacy and new technologies, highlights the relationship between the GDPR and Big Data.
This extraordinary phenomenon does not just involve the explosion of data that is stored and analysed, hailing from several sources and in many different formats. The potential risks linked to Big Data led the E.U. to seriously tackle this venture and set a new regulatory framework of data protection (GDPR), which will not just affect E.U. citizens and E.U. corporates and institutions, but every single organisation dealing with any kind of data anywhere (including data mining companies) as long as they wish to operate in this region; the treatment of information must comply with legal practices, and subsequently qualified DPOs will (without any doubt) be in high demand.
The GDPR brings unprecedented attention and challenges amongst operators, beyond the E.U., as far as the Pacific, in Silicon Valley, the genuine cradle of innovation, where a number of leading mobile applications and IT projects are designed and developed. They are all looking at ways to best manage these new regulations.
Today we are witnessing a period of growing activity (as never before) in the development of data protection regulation, which impacts the way in which global businesses are asked to tackle the management and collection of personal information, i.e. working in healthcare involves significant regulatory and intellectual property matters, security risks and data rules.
The current changes are rooted in the need to face the challenges of the new times led by technology and online business models. Data is everywhere and the EU is keen to make sure that it is properly managed. This is not just in the E.U.; we are witnessing tougher legal requirements and enforcement around the world. A large number of countries with poor or no previous data protection laws in place are now tackling this matter, including countries in Latin America and Asia. Europe is defining a data protection system that can turn into a leading model for these countries and we are seeing the vast majority of countries in this region following the European framework so far.
What is the influence of European data protection regulation in the digital era? What is the balance between the interests of individual citizens and those of the large technology players? Does the current framework in the E.U. conflict with the interests of multinationals that are operating in Europe? Businesses need a DPO to properly address these questions. In the world of Big Data, laws are orientated to protect the consumer (Europeans would perhaps rather speak of citizens or individuals). Europe has actually played a pioneering role when it comes to data protection and the GDPR represents an historic achievement. By contrast, ironically few of the Big Data players hail from Europe.
We will be publishing more articles on this extremely interesting topic. SSQ can provide exceptional expertise to businesses searching for a qualified DPO. If you would like more information on how to get your organisation up to speed when it comes to the GDPR by recruiting the best data protection resources for your organisation please contact a member of our team.