GDPR and the Transparency Revolution
It’s been over a year since GDPR went into effect, and in that time, the regulation has driven a great deal of meaningful conversations around consumer privacy and enterprise data management policies. In an age where “data is the new oil,” fueling innovation and growth, enterprises face all kinds of new challenges when it comes to handling consumer data.
Large data breaches are constantly putting personal data at risk, and today, consumers are demanding greater transparency when it comes to the collection and use of their data, marking a shift from the days when everyone blindly accepted terms of service contracts from tech companies.
GDPR has forced companies to be honest and clear about how they leverage data now that consumers are paying more attention to the fine print. Individuals are more informed than ever before of their privacy rights and are exercising them accordingly, and organizations are finally beginning to understand the importance of demonstrating accountability and transparency with how they collect, handle, and transfer personal data. One slight misstep in the wrong direction, and enterprises may run the risk of hefty, crippling fines or worse: losing customers.
Thanks to GDPR, companies are finally realizing that while data is a hugely valuable asset, it is also a significant liability. Companies that fail to prioritize transparency around data privacy and protection aren’t just risking damage to financial profit and brand reputation, they’re also risking non-compliance with the most important overarching obligation of the GDPR. To get ahead of this, proactive organizations have already taken steps to ensure transparency and compliance in the age of GDPR.
Capturing Consent at Every Step of the Customer Journey
Adopt Data Minimization Practices
For awhile, professional data scientists were in high demand, and companies sought to amass and subsequently analyze as much data as possible to drive business innovation and growth. This mentality has changed in the wake of GDPR.
Businesses are adopting data minimization practices at collection or at retention so they can handle less but more meaningful data, and they’re putting policies in place to dispose of it when it’s no longer needed or useful. Ultimately, an organization’s best cybersecurity measure is to collect less data and encrypt it so that it’s safe in the event of a breach.
Consider Encryption and Data Distribution
Encryption is what makes personal data indecipherable to anyone who isn’t authorized to see it, and data distribution is what essentially bifurcates information files so they aren’t held all in one place where they would likely be more susceptible to a cyber attack.
Companies that care about their customers, employees, and vendors as much as they care about being GDPR-compliant should adopt data minimization practices and leverage technology to encrypt and distribute the small amount of data they do collect.
Don’t Skimp on Quality Cybersecurity
We live in a world where companies are collecting and handling more personal data than ever before, but holding any amount of data is risky if an organization isn’t doing enough to protect it.
The benefits of having less data to manage is that there’s less data to steal, but that shouldn’t exempt companies from implementing cybersecurity strategies and technologies that don’t just “tick the box” for GDPR compliance, but that are actually effective at thwarting cyber crime. New technologies exist that can provide data protection competence while still enabling companies to offer compelling and customized digital experiences for customers that give them confidence that their data isn’t being carelessly collected or processed.
It’s time for global organizations to proactively address the fact that data is both an asset and a liability by being more thoughtful about how much data they’re capturing instead of storing everything, unfiltered, for some unforeseen future use.
Companies need data to function–it’s an asset to every organization, and it would be unrealistic (and unfair) to ask a company to stop collecting it entirely. However, businesses that understand the risks associated with negligent data management practices will be better positioned to comply with GDPR and offer clarity to data subjects. Collecting only the most relevant information for a very specific purpose is not only easier to explain to individuals, but it also gives them confidence that you won’t misuse or abuse it.
About the author: David Thomas is the CEO of Evident ID, a provider of online identify verification solutions. David has held key leadership roles at Motorola, AirDefense, VeriSign, and SecureIT. Since being recruited at a young age by the Department of Defense, David has been at the forefront of cybersecurity including firewalls as corporations began connecting to the Internet, Web security as online shopping emerged, wireless security as Wi-Fi and smartphones became ubiquitous, and security sensing networks as analytic technology became mainstream. He has been featured in CNN, The Wall Street Journal and other leading publications.
September 22, 2021
- GigaOm Names Moogsoft an Industry Leader in “Radar for AIOps Solutions” Report
- Clearsense Acquires Plug-and-Play AI Analytics Firm
- Purdue University Global Launches Master of Science in Data Analytics
- Dihuni OptiReady CognitX Deep Learning Servers and Workstations Powered by NVIDIA Ampere Architecture-based GPUs
- Scality Awarded New U.S. Patent for Breakthrough Technology in Hyper-Scale Data Protection
- MicroAI to Bring AI Training to Renesas MCUs
- Recent Gartner VP Analyst Sanjeev Mohan Joins Okera as a Strategic Advisor
- C3 AI Reinvents Enterprise Software UX With C3 AI Data Vision
September 21, 2021
- Healthcare Analytics Summit 21 Virtual Kicks Off Today
- Tesco Selects Teradata Vantage to Drive Enterprise-Wide Analytics at Scale
- Ketch Secures $20 Million in Series A1 Funding, Accelerating its Rapid Growth
- Yandex Spins Off ClickHouse into Standalone Company
- Analytics Vidhya Announces $5.5 Million Strategic Investment from Fractal, Aims to Train Half a Million Full Stack AI Professionals
- Nutanix Cloud Platform Breaks Down Silos in Hybrid Multicloud Operations
- Telit Announces New Industrial IoT Platform To Visualize Machine Data
- ActiveNav Launches Data Mapping as a Service Solution
- The Linux Foundation Announces Agenda and Speaker Lineup for the 2021 Linux Foundation Member Summit
- Altair Names TrueInsight to Altair Channel Partner Program
- Ahana Cofounder Will Co-Lead Session At OSPOCon 2021 About Presto SQL Query Engine
- Instaclustr Now Offering Fully Managed Cassandra 4.0 in GA
Most Read Features
- One on One with Google Cloud Product Director Irina Farooq
- Big Data File Formats Demystified
- Tabular Seeks to Remake Cloud Data Lakes in Iceberg’s Image
- What’s the Difference Between AI, ML, Deep Learning, and Active Learning?
- Who’s Winning In the $17B AIOps and Observability Market
- SambaNova Brings Custom Silicon To Bear on High-End AI Workloads
- In Search of the Modern Data Stack
- COVID-Driven Cloud Surge Takes a Toll on the Data
- Rethinking Education in an AI-First World
- Did Rockset Just Solve Real-Time Analytics?
- More Features…
Most Read News In Brief
- LinkedIn Open Sources Tech Behind 10,000-Node Hadoop Cluster
- Data and AI Salaries Continue Upward March, O’Reilly Says
- Gartner Shuffles the Technology Deck with Latest ‘Hype Cycle’ Report
- Data Prep Still Dominates Data Scientists’ Time, Survey Finds
- Who’s Winning in Open Source Data Tech
- Can Apple Right its Privacy and Security Cart?
- Apollo CEO Bullish on GraphQL’s Potential in the Enterprise
- Hands-Off: Manual Data Integration Tasks Plummeting, Gartner Says
- Why Is SAS Going Public?
- Unstructured Data Growth Wearing Holes in IT Budgets
- More News In Brief…
Most Read This Just In
- TIBCO NOW 2021 Showcases Limitless Power of Data
- Cribl Raises $200M in Series C Funding on Traction with Global Enterprise Customers
- Toloka Launches Data Research Grants, Announces First Eight Recipients
- Anaconda Announces Support for Pyston, Hiring Lead Developers Kevin Modzelewski and Marius Wachtler
- MariaDB Announces SIS Provider Campus Cloud Services Migration to MariaDB SkySQL
- Transaction Processing Performance Council (TPC) Launches an Artificial Intelligence Benchmark (TPCx-AI)
- Kinetica Fuses Streaming and Contextual Analysis At Scale
- DataRobot Launches “DataRobot AI Cloud” Platform
- OneStream Previews New AI and ML Capabilities at Splash 2021
- JetBrains Launches Public Early-Access Program for JetBrains DataSpell IDE
- More This Just In…
Sponsored Partner Content
October 5 - October 7
October 12 - October 14
October 19London United Kingdom
October 27 - October 28
November 29 - December 3
December 6 - December 10San Diego CA United States