Microsoft is now the first major tech company that says it plans to abide by the new CCPA not just in California, but also to honor California’s digital privacy law in every state where it operates in the United States.
Data Protection
Certain types of personal data are very valuable to criminals, and can be very damaging to an individual or business if they fall into the wrong hands. As the world becomes more digital and more connected, more of this sort of data is generated and passed between various sources on a regular basis.
Government regulations and supervisory authorities aren’t just about keeping irresponsible parties in line. They also provide vital security guidance to every type of organization that handles sensitive personal, business or government information.
Data protection regulations also ensure that the end user has a transparent view of and a say in the processing of personal data. These safeguards play a significant role in everything from the preservation of civil rights to ensuring that democratic institutions function properly.
Some types of personal data are clear candidates for regulation: medical records, banking information, national ID numbers and so on. But some of these regulations also cover items that might seem relatively innocuous at first glance: home addresses, email addresses, website profile information and so on. For example, the European Union General Data Protection Regulation (GDPR) has stipulations about anything that is unique to an individual, including phone numbers and social media accounts. People have varying levels of privacy preference with these items, but they are often protected by regulation because they can be used for targeted scams and attempts at identity theft.
Given that regulations often take the size and customer count of businesses into consideration in terms of penalties and the scope of protection of personal data, compliance is particularly important for enterprise-scale organizations. You do not necessarily have to have an active business presence in a country or region; simply storing data on or moving it through servers there may subject you to their data protection rules.
Privacy should be a top-of-mind issue as new privacy regulations keep appearing globally. However, a recent report shows organizations are still unprepared to deal with them effectively.
In the post-GDPR world, it seems the remit of what counts as data as a valuable commodity is becoming ever broader, with the most recent example in the context of the beautiful game.
Multinationals face difficult and unique data privacy and security compliance challenges to successfully meet the ongoing waves of government regulations. To meet these challenges, multinationals must have enhanced visibility across their global key assets and comprehensive controls.
The broad scope and definitions of Washington’s My Health My Data Act (“MHMDA”) will undoubtedly expand its reach to data not normally considered health data and to businesses that do not traditionally consider themselves to be health care providers or to be collecting consumer health data.
As we move toward a more open data sharing future, businesses must prepare now to tackle the future legislation and data privacy laws that will inevitably be placed upon them and ensure all data moving through their systems is accurate and trusted.
Against a backdrop of looming privacy regulation, VFS Global’s Group Data Protection Officer, Astrid Gobardhan, looks at the various benefits of privacy investment for organisations – from better security, improved customer confidence, right through to brand enhancement and reduced operational costs.
EU data transfer mechanisms are in a state of flux, and the additional complications of Brexit can leave organizations wondering how best to navigate this current area of uncertainty.
The Police Service of Northern Ireland was slapped with a hefty ICO fine for a preventable data leak that exposed the personal information of its officers and staff.
A newly proposed anti-encryption bill requires a backdoor to be placed in nearly every electronic device that has at least 1 GB of memory and in all encrypted services.










