<img height="1" width="1" src="https://www.facebook.com/tr?id=1046809342117480&amp;ev=PageView &amp;noscript=1">

VSEC Blog: IT Security Channel News brought to you by Infinigate UK

Share the Infinigate UK Blog on LinkedIn Share the Infinigate UK Blog on Twitter Share the Infinigate UK Blog on Facebook Share the Infinigate UK Blog on Google+ Share the Infinigate UK Blog via Email

GDPR is Supposed to Make Business Easier... No Kidding

Topics: Data Protection, Compliance, GDPR

Posted: 10 November 2016


IT security loves fear, it's the very foundation upon which it is built. Much like the physical security world, without the fear of the possible, there would be no risk and no purpose to reduce it. It's therefore no surprise then that whenever change rears its head, it invokes a flurry of doomsday commentary of varying degrees of panic.

Ever since the UK's Information Commissioner indicated that despite the UK intending to leave the EU, the adoption of the GDPR (General Data Protection Regulation) is almost certain, and this pattern of behaviour is notably present. Some are anxiously looking for detailed guidance on how to become compliant, some are banking on the slight chance of it being thrown out with the EU whilst others sigh and shrug themselves into a depressive state of inevitability, as if they sit upon a train they cannot stop nor control.

That which links all these perspectives is a sense of negativity that the GDPR is just another headache which information security leaders could live without. How dare those meddling politicians force us to be more secure... But how many of us have read the GDPR? or EU regulation 2016/679? to give it it's real name.

What if I told you it was written to make information sharing and transfer across Europe and even the world easier for businesses? Thats right, the GDPR isn't intended to be repressive, despite other articles may have you believe.

Even for the least attentive of us, it is written within the first two pages of the document:

(9) The objectives and principles of Directive 95/46/EC remain sound, but it has not prevented fragmentation in the implementation of data protection across the Union [...] Differences in the level of protection of the rights and freedoms of natural persons, in particular the right to the protection of personal data, with regard to the processing of personal data in the Member States may prevent the free flow of personal data throughout the Union. Those differences may therefore constitute an obstacle to the pursuit of economic activities at the level of the Union, distort competition and impede authorities in the discharge of their responsibilities under Union law. Such a difference in levels of protection is due to the existence of differences in the implementation and application of Directive 95/46/EC.

In a less sleep inducing format, the GDPR is intended to remove the barriers and issues associated with trading within localised data protection laws. Today, when a UK based organisation wishes to conduct business in a European member state which involves the storage of transfer of information, there is often an prior exercise of acquiring and understanding local laws (or possibly just unintentionally falling foul of them), particularly in those member states with more stringent rules, such as Germany. As a result this added burden may and has undoubtedly made cross border trade less attractive, something which troubles the EU.

Yes the GDPR packs a lot of content, a big sting and lots of change for some. However, it's not unlike most of the the EUs other directives and regulations; it seeks to create commonality across all states to reduce waste and increase trade. Think European free trade and financial services passporting. All of which have had a positive impact on UK and European economies alike. Ironically things that most wish to retain after the UK departs the EU.

The GDPR is not scary, it's an opportunity to make things better and more cooperative. It's a headache which could cure other headaches. Levelling the playing field has but one intention in all cases; to make things fair and simple.

Prepare for GDPR 11 step checklist

Infinigate UK
Posted by: Infinigate UK
Share via:

Subscribe to VSEC Blog Updates

Terms and Conditions:
  • When completing this form, you are indicating your consent for this processing activity. By doing this you are providing Infinigate UK with lawful consent to process your submitted personal data for one or both of the marketing purposes below:
    • We will use your details to send you blog updates.
    • We will match your answers to areas of interest which believe you have and may send you additional marketing materials related to those areas.
  • We will keep your personal data for nine months, upon which we will delete your personal data unless you have consented to further processing or we have legitimate interests to retain it. You are free to withdraw your consent at any time by contacting our marketing department or using one of our unsubscribe links in our communications.
  • In some cases where you indicate consent for supplying you with additional promotional marketing material, we will share your personal data with one of our reseller partners, should your areas of interest match a solution or service they provide. We instruct all our reseller partners to communicate this data transfer with data subject affected.
  • Your personal data is stored in a marketing automation solution database, access to this is limited to authorised users and all necessary steps to ensure data security is maintained.

For further information about this form, your rights under the General Data Protection Regulation or how to exercise them, please contact Infinigate's marketing department here.

Popular Posts