Page 78 - Cyber Warnings
P. 78
jurisdiction, along with the ability to actually enforce the legislation or regulations and impose
penalties.
Although the severity of fines and penalties varies from country to country, what is common is
that penalties have grown in size and regulators have become more comfortable using them.
In this context, the EU GDPR heralds the most significant change for data privacy in the digital
era, but not only because of the technical requirements or even the stipulation for data protection
officers under certain circumstances.
Instead, it’s the magnitude of the penalties for violations, and the expressed willingness of
regulators to impose the fine when the rules come into force of up to 4% of the total worldwide
annual turnover of the preceding financial year.
In tandem with more explicit requirements on their responsibility across jurisdictions,
organizations must also conform with the expanding definition of what constitutes personal
data — whether biometric data in the case of the EU GDPR or MAC addresses or cookie IDs in
the case of new privacy regulations proposed by the FCC in the US.
In its recent enforcement decisions, the Singapore’s Personal Data Protection Commission has
argued that context matters: violations of personal data protection requirements when the data is
“of a sensitive financial nature” is more likely to draw fines.
For companies looking to comply with new privacy regulations it will therefore be increasingly
expected that they can find any personal data accurately and at scale.
It’s A Matter of Shared Principles
Certainly, many regulations and
requirements will more closely resemble
the GDPR’s provisions as they near
approval and the governing principles
will become a point of comparison.
However, it is important to understand
that differences in approach will persist.
For instance, the EU GDPR takes a
comprehensive stance, especially when compared with the US, where much more of a sectoral
focus led by industry regulators is in play.
78 Cyber Warnings E-Magazine October 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
