GDPR: The torchbearer for better data privacy laws
We live in a time where people are continuously sharing their information and personal data and at the same time want to have control over the data that they are sharing with others. We are all entangled in this web of technology and social media. With our data being processed by various organisations for various purposes, the chances of it being misused are on an all time high. This raised the need for data governance and data privacy laws.
What is data governance? Data governance is the overall management of the availability, usability, integrity and security of data used in an enterprise. Why is data governance important to your business? Data Governance strategy can significantly improve the returns from business intelligence investments. According to a study published by Forbes Insights, Strong Data Governance Enables Business Intelligence. Here are the 3 main benefits that highlight why data governance is important:
It saves money
Simply put, data governance increases efficiency. Duplicacy of accounts results in an increased effort as well as wastage of time, which leads to increased expenditure. Data governance reduces errors in your database, giving your business a solid database to work from and saves precious time that would otherwise be used correcting your existing data.
Bad Data Governance increases the risk
Lack of effective data governance is a security concern. Badly structured data poses a security risk for the simple reason that it clogs your database and obstructs the efficient monitoring of data. Therefore, a company will not be able to detect the areas where it might be at risk.
Further, with the increase in awareness, people are beginning to understand the importance of their personal data and governments are beginning to make laws to monitor how companies store, protect, and use their customer’s data. General Data Protection Regulation is a good example of this. This Regulation helps the citizens or data subjects to reclaim control over their data and imposes an exorbitant amount of fine on the data controllers or processors that might be in violation of the law. Considering, that more and more countries are implementing data privacy laws, data governance becomes important to enable companies to comply with various regulations.
Good Data Governance provides clarity
Effective data governance provides the peace of mind that the data is generally clean, standardized, and accurate. The effects of this reverberate throughout a company.
General Data Protection Regulation is currently the most comprehensive law regarding data governance and data privacy. It has acted as a wake up call for data security. We have already discussed the impact it has had on companies as well as individuals across the world. Even though General Data Protection Regulation is a law of the European Union, it has a global impact.
The frequency and intensity of data breaches is on the rise worldwide. More than 4.5 billion records were compromised in the first half of 2018, a 133 percent increase over last year, according to Gemalto’s Breach Level Index. Therefore, countries across the globe have started formulating laws for ensuring data privacy.
Over the past year, at least 11 additional states in the United States introduced new data protection standards or strengthened existing privacy policies, according to the global law firm Norton Rose Fulbright.For instance, California has decided to implement data privacy laws to protect the data of its citizens. Governor Jerry Brown signed the California Consumer Privacy Act of 2018 into law in June, 2018 which many say will create “the most stringent data protection regime” in the U.S. when it becomes enforceable in 2020. In May 2018, Vermont passed the nation’s first law regulating data brokers particularly for companies that collect user data and sell it to third parties, such as advertisers. Similarly, Alabama, South Dakota enacted their first data breach notification laws in the year 2018. As many as, fifty U.S. states, have now enacted some form of a data breach notification standard, according to Norton Rose Fulbright.
The Indian government is also considering introducing a data privacy law which would mean significant changes for foreign companies doing business in the world’s fastest-growing digital economy. The Personal Data Protection Bill of 2018 (“PDPB”) was spurred in part by a landmark decision passed on the 24th of August, 2017 by a nine-judge bench of the Supreme Court in Justice K.S. Puttaswamy vs Union of India, wherein they unanimously affirmed that the right to privacy is a fundamental right under the Indian Constitution. As a result, the government convened a ten-member expert panel, chaired by former Supreme Court Justice B.N. Srikrishna to draft a new data privacy law. The bill is closely modelled after the European Union’s General Data Protection Regulation and broadly applies to all data of a “natural person,” which allows direct or indirect identifiability; and envisions a regime where individual consent is the cornerstone of data-sharing.
Australia is another country which has been taking data privacy rather seriously.In Australia, the introduction of the Notifiable Data Breach was celebrated as a step in the right direction. In the first six weeks of the country’s NDB scheme, more than 63 data breaches have been reported to the Office of the Australian Information Commissioner.
On August 14, 2018 Brazilian President Michel Temer signed the new data privacy law, i.e., General Data Privacy Law (Lei Geral de Proteção de Dados Pessoais or “LGPD”) (English translation), making Brazil another country to implement comprehensive data privacy regulation. The law will come into effect after in early 2020.
It is therefore clear that that GDPR has acted as a torch bearer for better data privacy laws and more and more countries are implementing data privacy laws to preserve the data of their citizens and reduce the chances of data breaches and cyber crimes.