{"id":3345,"date":"2017-07-27T13:29:07","date_gmt":"2017-07-27T13:29:07","guid":{"rendered":"http:\/\/chief-exec.com\/?p=3345"},"modified":"2017-09-02T11:13:12","modified_gmt":"2017-09-02T11:13:12","slug":"new-data-rules-for-an-age-of-hacking-and-the-hacked","status":"publish","type":"post","link":"https:\/\/chief-exec.com\/?p=3345","title":{"rendered":"New data rules for an age of hacking and the hacked"},"content":{"rendered":"

In a new legal landscape fines of up to 4 per cent of global turnover, or \u20ac20 million, are on the cards if companies fail to comply, reports James Fitzgerald<\/em>.<\/span><\/h4>\n

In the digital age, information is power. Economic growth is now dependent on data sharing, but many consumers are concerned about how and where their personal details are collected. For some people, the retention of personal privacy has eclipsed more nebulous pursuits, such as self-actualisation or social status, as the ultimate attainment in life.<\/p>\n

It is against this backdrop that the European Commission has sought to tighten the rules, under the General Data Protection Regulation (GDPR), due to come into force in May next year.<\/p>\n

Nearly 70 per cent of Europeans are concerned about not having complete control over the information they provide online, according to a recent Eurobarometer survey<\/a>. Seven Europeans out of 10 worry about the potential use that companies may make of the information disclosed, according to the European Commission.<\/p>\n

\u201cThese new pan-European rules are good for citizens and good for businesses. Citizens and businesses will profit from clear rules that are fit for the digital age, that give strong protection and at the same time create opportunities and encourage innovation in a European Digital Single Market,\u201d says V\u011bra Jourov\u00e1, commissioner for Justice, Consumers and Gender Equality.<\/p>\n

The GDPR promises to give citizens more control over their data. The rules will make it easier to access your own data; give a right to data portability (between service providers, for example); a clarified \u201cright to be forgotten\u201d; and the right to know when your data has been hacked.<\/p>\n

The new rules will require large companies to appoint a \u201cdata protection officer\u201d to ensure compliance, with potential fines of up to 4 per cent of global turnover, or \u20ac20m.<\/p>\n

The regulation, unlike a directive, will be applicable in all EU member states without the need for national implementing legislation. In this way, the Commission aims to harmonise data protection measures.<\/p>\n

The GDPR will also bring implications for employers who wish to \u201cprofile\u201d potential candidates via their social media presence. According to guidelines published by the Article 29 group of advisory regulators, data collected from a search must be \u201crelevant to the performance of the job\u201d.<\/p>\n

In this new legal landscape software packages that track an employee\u2019s activities when working from home will likely be outlawed.<\/p>\n

\n

How do you stop hackers? You can\u2019t because there are vulnerabilities created on purpose by the NSA for spying. For them to hack everyone and everything.<\/span><\/h4>\n<\/blockquote>\n

The burden of responsibility for data protection is being laid firmly at the door of individuals, SMEs and corporations, but what, if anything, will change in the covert world of government security agencies and the bandit country of hackers?<\/p>\n

\u201cIf you suffer a breach, and it\u2019s a question of when not if at the moment, and you are holding personal data, and that is leaked or stolen, you are going to be liable for that, because you were holding the information,\u201d says Toby Stephens, a partner at law firm HFW.<\/p>\n

The scale and prevalence of ransomware and cyber attacks has grown markedly over the past year, with Britain\u2019s National Health Service among the large groups hit by the global Wannacry hack in May. The attackers demanded payment to regain access to vital medical records, causing operations to be cancelled and ambulances to be diverted at 40 hospital trusts. The private US postal service FedEx and Germany\u2019s rail operator were also affected.<\/p>\n

\n

Do read advice if you are a member of NHS staff starting work at an organisation affected by #nhscyberattacks<\/a> https:\/\/t.co\/ToWK5oe814<\/a> pic.twitter.com\/aXkKKA3kGh<\/a><\/p>\n

\u2014 NHS England Media (@NHSEnglandMedia) May 15, 2017<\/a><\/p><\/blockquote>\n