GDPR-like legislation is popping up worldwide. How can enterprises keep up?
Written by Emma Flickinger
The European Union’s General Data Protection Regulation caused a stir when it went into effect in May, regulating the way enterprises interact with personal information under the law’s jurisdiction. GDPR is a major landmark in data protection legislation, but it’s only the beginning.
Around the world, developing legislation aims to bring transparency to the journey of consumer data, from consumer devices to enterprise websites to data servers. It also puts the onus on enterprises to provide this transparency.
The California Consumer Privacy Act, passed in June, is one of America’s strictest data privacy laws (though not as tough as GDPR). It aims to give consumers more control over their privacy, and holds enterprises responsible if their actions violate consumers’ privacy. When the law comes into effect in 2020, the companies required to comply will include tech giants like Google, Amazon, and Facebook.
India may soon be enacting comprehensive data protection legislation, as a Personal Data Protection Bill has been drafted. Largely adapted from the GDPR, it includes several hallmarks of landmark privacy laws, including a focus on individual consent, and the right to be forgotten. The bill has been submitted to the Ministry of Electronics and Information Technology for finalization, after which it will be submitted to the parliament for consideration.
The spread of data regulation laws represents important progress for consumer protection, and growing public awareness on online privacy issues. It also means that enterprises and institutions that handle personal data will have to take a closer look at how they handle that data. But not all enterprises may be equipped to take on this examination alone.
Redmorph’s data privacy tools equip users with the ability to monitor who is accessing their data, what data they have access to, and where their data is being sent. Enterprises can use Redmorph to view and control all connections to a given device, to identify where (geographically) customer or employee data is being transmitted, and to keep confidential data safe on employees’ devices.
From the other end, consumers can use the tools to fact-check — are businesses really sending their data where they say they’re sending it?
Laws give us rules for data protection, but only technology can make sure those rules are implemented, complied with, and enforced. Technology that’s readily available and usable with minimal technical expertise allows users to take a proactive role in both compliance with regulations and the protection of their own personal data.
