Companies which do business in European Union nations will be bound by a fresh set of strict guidelines on protecting user data from May 25.
The data protection law is a growing worry for businesses, as the unprecedented legislation could prove a major disrupter in the industry.
Under the General Data Protection Regulation (GDPR), companies will be mandated to put new systems and practices in place to protect user data.
Companies are wary because a lot is left open to interpretation in the new GDPR guidelines.
For example, a draft document said companies must ensure 'a reasonable level' of protection for personal data but did not define 'reasonable level.'
Companies and businesses fear this may allow the governing body of GDPR to levy heavy fines in the event of a perceived breach.
What is GDPR?
GDPR was adopted by the European Parliament in April 2016.
GDPR regulates/restricts the 'exportation' of personal data from the EU.
Why GDPR?
GDPR has been laid down following a public outcry and concern over personal data security.
According to an RSA Data Privacy and Security Report, 62% of respondents blamed companies and businesses, rather than hackers, for personal data loss and breaches.
Why are companies concerned?
The standards set are quite high, and companies will need to make huge investments.
Most companies in the US feel they will be at a disadvantage in comparison to EU firms as the new guidelines take effect.
What data will be protected?
Basic identity information (name, address)
Web information like IP addresses, cookie data
Health and genetic data
Biometric data
Racial or ethnic data
Political opinion
Sexual orientation