In this article we are going to look at the news headlines and expand on the stories with an interesting series of opinions.
Were you ready for the new data regulations? Are you still struggling to comply?
Get some peace of mind by listening to Elizabeth Denham – the Information Commissioner for the Information Commissioner’s Office (ICO).
Listen to what she had to say when the GDPR came into force on the 25th May 2018. Her message is simple and reassuring for those businesses that weren’t ready for the deadline. The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO will enforce the GDPR. Watch the message from the Commissioner here.
It is our job to make sure we know exactly what is happening in the world of data protection so we can keep our customers informed and there are still changes ahead on the data protection horizon. We have been taking a look at the GDPR news headlines with great interest and it didn’t take long before complaints were filed against technology’s biggest names.
The BBC reported…
‘Complaints have been filed against Facebook, Google, Instagram and WhatsApp within hours of the new GDPR data protection law taking effect.’
The companies are accused of forcing users to consent to targeted advertising to use the services. An organisation called None Of Your Business (NOYB), which is run by Austrian attorney and privacy advocate Max Schrems, has already lodged complaints against Google and Facebook, as well as Facebook-owned Instagram and WhatsApp, with four different European authorities. Privacy groupnoyb.euled by activist Max Schrems said people were not being given a ‘free choice’.
The complaints, which are based on the argument that these companies are violating Article 7(4) of the GDPR by forcing users to give consent, are likely the first of many complaints that will be filed to test the GDPR.
Privacy group noyb.eu led by activist Max Schrems said people were not being given a “free choice”.
If the complaints are upheld, the websites may be forced to change how they operate, and they could be fined.
(Ed: Links to BBC.CO.UK News Article)
GDPR – ‘risks making it harder to catch hackers’.
A service used to identify and contact website owners has been forced to strip out information on its site to comply with the EU’s GDPR legislation.
‘Whois’ is often used by journalists and police to make quick checks into the legitimacy of websites. It no longer shows contact names, email addresses or phone numbers. Icann, the owner of Whois, had asked for more time to comply with GDPR despite having had years to prepare. The request was turned down.
(Ed: Links to BBC.CO.UK News Article)
Some high-profile US news websites are temporarily unavailable in Europe after new EU data protection rules came into effect.
The Chicago Tribune and LA Times were among those saying they were currently unavailable in most European countries. Meanwhile, complaints were filed against US tech giants within hours of the General Data Protection Regulation (GDPR) taking effect.
GDPR gives EU citizens more rights over how their information is used. It is an effort by EU lawmakers to limit tech firm’s powers. Under the rules, companies working in the EU – or any association or club in the bloc – must show they have a lawful basis for processing personal data or face hefty fines.
(Ed: Links to BBC.CO.UK News Article)
The Express reported…
Brussels says new GDPR law DOESN’T apply to EU – after ’embarrassing’ leak on website.
This bombshell revelation follows an “embarrassing” leak of personal details of hundreds of citizens by the European Commission. This leak would normally constitute a breach of the General Data Protection Regulation (GDPR) if other organisations had done it themselves.
However, a spokesman the commission said, based on “legal reasons”, European institutions are separate from the GDPR. Instead, officials will follow a new law similar to the GDPR but this does not come into effect until autumn.
(Ed: Links to EXPRESS.CO.UK News Article)
EU GDPR data laws could STOP UK-US trade and HARM war on terror Trump official warns
Wilbur Ross, US Commerce Secretary, hit back at Brussels’ new data protection laws, GDPR, that came into force last week. He said they will make it harder for American firms and other nations to trade with the EU, and added the US government is “deeply concerned” with the new restrictions.
Despite there being less than a year until the UK is supposed to leave the EU, the new rules which have caused business chaos across the continent will remain as a part of EU law after Brexit. Mr Ross said: “GDPR’s implementation could significantly interrupt transatlantic co-operation and create unnecessary barriers to trade, not only for the US but for everyone outside the EU.”
(Ed: Links to EXPRESS.CO.UK News Article)
My thoughts on the NOYB case have been well documented over business and social media networks these past weeks (If you have not caught up, please subscribe to our LinkedIn, Twitter and Facebook feeds). The summary of this case will stretch long into 2019 and probably 2020. Considering the previous case lodged against Facebook by Mr Schrems in the Republic of Ireland, which is now being referred for clarification to the European Courts of Justice, it could still have a wider effect on the US Privacy Shield and its incompatibility with the GDPR. Read our previous relevant article.
This links to statements made by Wilbur Ross in the past week, as the US Government have known about GDPR law just as long as everybody else. So invoking a trade war based upon a lack of comprehension of this regulation is a poor excuse.
As we passed the GDPR enforcement deadline on the 25th May 2018, the UK Data Protection Act 2018 was given royal assent and passed into law, along with it the required articles of law covering the GDPR, yet we noted the lack of clear reporting from the news media.
Yes, we all know that GDPR has dominated the internet headlines (and your mailbox), but hardly a murmur about the new DPA2018 (which we will follow up next week). But this is no Y2K issue, the GDPR is upon us with enforcement now live across Europe.
Whilst it is no longer big headline-grabbing news, statistics quoted this last week are stating that only 38% of businesses are prepared for the GDPR across Europe and only 3% of those claim to be fully compliant. Is there any such thing as fully GDPR compliant?
Australia appears to have just woken up to the news that they may need to know about GDPR. The USA thinks GDPR is a barrier to trade and some US newspapers have blocked EU citizens from accessing their news publications online.
What is certain, is that many organisations have ignored the enforcement deadline. Although a few of the supervisory authorities like the UK’s ICO and France’s CNIL, may show leniency during the grace period, they will not ignore inactivity of a business failing to act upon the new data protection laws.
(Ed: Links to beinfoready.co.uk News Article)
- Is your organisation ready for the GDPR?
- Have you informed your customers what information you are processing and why?
- What are your lawful bases for keeping this data?
- Do you know what to do when someone makes a request for information your organisation is holding on them? Or will you be able to fulfil their right to correct this data?
- Have you trained your staff in the EU GDPR and can you evidence that training?
If your answer to any of these questions is “NO”, then we are here to help you, train you, train your members of staff in how to protect your business. Practical training, using real-world examples, not legal jargon.
Author: Adrian McGarry
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (0)