Connect with us

Business

THE EU GENERAL DATA PROTECTION REGULATION IS NOW FINALISED. HERE’S WHAT YOU NEED TO KNOW.

Published

on

The EU General Data Protection Regulation Is Now Finalised. Here’s What You Need to Know.

You are back in the office after the long holiday break and busy catching up. Did you miss the story about the EU’s General Data Protection Regulation (GDPR) receiving final approval?  Some are calling it a “milestone of the digital age”.

Andy Green

Andy Green

We’ve been following the GDPR on the Varonis blog over the last two years. If you want to catch up very quickly, read our omnibus post that’s a tasty distillation of our wisdom on this subject.

Or if you have some more time, check out our comprehensive GDPR white paper.

With the final draft, a few ambiguities and loose ends were ironed out from the different versions provided by the EU Parliament and the Council.

I’ve put together a few key points that should resonate with Inside Out readers. Keep in mind the GDPR will take effect in 2018, and until then the old Data Protection Directive (DPD) remains the law.

Fines

We have closure on the question of fines: the GDPR has a tiered fine structure.

For example, a company can be fined up to 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach (articles 31, 32), or not conducting impact assessments (article 33).

More serious infringements merit a 4% fine. This includes violation of basic principles related to data security (article 5) and conditions for consumer consent (article 7)– these are essentially violations of the core Privacy by Design concepts of the law.

The EU GDPR rules apply to both controllers and processors that is “the cloud”. So huge that cloud providers are not off the hook when it comes to GDPR enforcement.

Data Protection Officer

It’s official: you’ll likely need a Data Protection Officer or DPO. You can read the fine print in article 35.

If the core activities of your company involve “systematic monitoring of data subjects on a larger scale”, or large-scale processing of “special categories” of data—racial or ethnic origin, political opinions, religious or philosophical beliefs, biometric data, health or sex life, or sexual orientation– then you’re required to have a DPO.

In the US, the closest job title to this is a Chief Privacy Officer.

In any case, the job function of the DPO includes advising on and monitoring GDPR compliance, as well as representing the company when contacting the supervising authority or DPA.

Data Breach Notification

24 or 72 hours?

And the winner is … 72.

Article 31 tells us that controllers are required to notify the appropriate supervisory authority of a personal data breach within 72 hours (at the latest) on learning about the exposure if it results in risk to the consumer. But even if the exposure is not serious, the company still has to keep the records internally.

According to the GDPR, accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data – the EU’s term for PII—is considered a breach.

Note my emphasis on unauthorised.

Based on my understanding of the GDPR, this means that if an employee sees data that’s not part of their job description, it could be considered a breach.

Of course, this is not a problem for your company, because your IT department has done a thorough job reviewing file access lists and has implemented role-base access controls.

You can read more about what you have to provide to the data authority in our “What is the EU GDPR” post.

Bottom line: The GDRP notification is more than just saying you have had an incident.  You’ll have to include categories of data, records touched, and approximate number of data subjects affected. And this means you’ll need some detailed intelligence on what the hackers and insider were doing.

Data processors have a little more wiggle room: they’re supposed to notify the company they’re doing the work for—the controller– “without undue delay”.

Under what conditions does a company have to tell the subject about the breach?

You can read the details in article 32, but if a company has encrypted the data or taken some other security measures that render the data unreadable, then they won’t have to inform the subject.

For Countries Outside the EU

We’ve been raising the alarms on extra-territoriality for several months now.

With the GDPR finalised, we can say with certainty the law applies to your company even if it merely markets goods or services in the EU zone.

In other words, if you don’t have a formal presence in the EU zone but collect and store the personal data of EU citizens, the long arm of the GDPR can reach out to you.

As many have been pointed out, the extra-territoriality requirement (article 3) is especially relevant to ecommerce companies.

Social media forums, online apartment sharing, artisanal craft sites, or beers of the world clubs: you’ve been warned!

Other Resources

All the permutations of the GDPR and how it can applies is just too complex to cover in a few blog posts.  Of course, your Data Privacy Officer is the go-to person for advice, along with outside legal experts.

Business

Sunak to raise business tax to pay for COVID-19 support – The Sunday Times

Published

on

Sunak to raise business tax to pay for COVID-19 support - The Sunday Times 1

(Reuters) – British finance minister Rishi Sunak is set to increase a tax on business to pay for an extension to COVID-19 support schemes in the budget next month, The Sunday Times reported https://bit.ly/3ujaBcU.

Sunak, in his speech on March 3, will announce he is increasing corporation tax from 19 pence in the pound and will outline a pathway where it rises to 23 pence in the pound by the time of the next general election, the report said. The move will raise an expected 12 billion pounds ($16.8 billion) a year, the report added.

According to the report, at least 1 pence is set to be added to the bill for business from this autumn, at a cost to business of 3 billion pounds, with further rises in subsequent years.

Allies of Sunak clarified he would not increase corporation tax higher than 23%.

These measures will be helpful in paying for an extension to the furlough scheme, VAT cuts and business support loans until at least August.

Unlike the 2010 Conservative-led government, which pursued spending cuts to rebalance the economy after the global financial crisis, Sunak is expected to defer most of the toughest decisions about how to pay for that support in his budget speech.

“The corporation tax hike will be higher than expected and the extension of the support schemes will be longer than most people expect,” the newspaper quoted a source as saying.

Insiders indicated the stamp duty holiday on property purchases would also be extended in line with the other coronavirus support measures, the report said.

Britain’s economy had its biggest slump in 300 years in 2020, when it contracted by 10%, and will shrink by 4% in the first three months of 2021, the Bank of England predicts.

($1 = 0.7136 pounds)

 

(Reporting by Vishal Vivek in Bengaluru; Editing by Lincoln Feast.)

 

Continue Reading

Business

Foxconn chairman says expects “limited impact” from chip shortage on clients

Published

on

Foxconn chairman says expects "limited impact" from chip shortage on clients 2

TAIPEI (Reuters) – The chairman of Apple Inc supplier Foxconn said on Saturday he expects his company and its clients will face only “limited impact” from a chip shortage that has rattled the global automotive and semiconductor industries.

“Since most of the customers we serve are large customers, they all have proper precautionary planning,” said Liu Young-way, chairman of the manufacturing conglomerate formally known as Hon Hai Precision Industry Co Ltd

“Therefore, the impact on these large customers is there, but limited,” he told reporters.

Liu said he expected the company to do well in the first half of 2021, “especially as the pandemic is easing and demand is still being sustained.”

The global spread of COVID-19 has increased demand for laptops, gaming consoles, and other electronics. This caused chip manufacturers to reallocate capacity away from the automotive sector, which was expecting a steep downturn.

Now, car manufacturers such as Volkswagen AG, General Motors Co and Ford Motor Co have cut output as chip capacity has shrunk.

Counterpoint Research says the shortage has extended to the smartphone sector, with application processors, display driver chips, and power management chips all facing a crunch.

However, the research firm predicts Apple will face a minimal impact, due to its large size and its suppliers’ tendency to prioritise it. Apple is Foxconn’s largest customer.

Foxconn is looking at other areas for growth, including in electric vehicles (EVs), and Liu said their EV development platform MIH now had 736 partner companies participating.

He expected it would have two or three models to show by the fourth quarter, though did not expect EVs to make an obvious contribution to company earnings until 2023.

Liu also said the company was still looking for semiconductor fab purchase opportunities in Southeast Asia after not winning a bid to take over a stake in Malaysia-based 8-inch foundry house Silterra.

(Reporting by Ben Blanchard and Jeanny Kao; Writing by Josh Horwitz; Editing by William Mallard and Ana Nicolaci da Costa)

Continue Reading

Business

EU seeks alliance with U.S. on climate change, tech rules

Published

on

EU seeks alliance with U.S. on climate change, tech rules 3

By Sabine Siebold and Kate Abnett

BERLIN (Reuters) – Europe and the United States should join forces in the fight against climate change and agree on a new framework for the digital market, limiting the power of big tech companies, European Union chief executive Ursula von der Leyen said.

“I am sure: A shared transatlantic commitment to a net-zero emissions pathway by 2050 would make climate neutrality a new global benchmark,” the president of the European Commission said in a speech at the virtual Munich Security Conference on Friday.

“Together, we could create a digital economy rulebook that is valid worldwide: a set of rules based on our values, human rights and pluralism, inclusion and the protection of privacy.”

The EU has pledged to cut its net greenhouse gas emissions to zero by 2050, while President Joe Biden has committed the United States to become a “net zero economy” by 2050.

Scientists say the world must reach net zero emissions by 2050 to limit global temperature increases to 1.5 degrees above pre-industrial times and avert the most catastrophic impacts of climate change.

The hope is that a transatlantic alliance could help persuade large emitters who have yet to commit to this timeline – including China, which is aiming for carbon neutrality by 2060, and India.

“The United States is our natural partner for global leadership on climate change,” von der Leyen said.

She called the Jan. 6 storming of the U.S. Capitol a turning point for the discussion on the impact social media has on democracies.

“Of course, imposing democratic limits on the uncontrolled power of big tech companies alone will not stop political violence,” von der Leyen said. “But it is an important step.”

She was referring to a draft set of rules unveiled in December which aims to rein in tech companies that control troves of data and online platforms relied on by thousands of companies and millions of Europeans for work and social interactions.

They show the European Commission’s frustration with its antitrust cases against the tech giants, notably Alphabet Inc’s Google, which critics say have not addressed the problem.

But they also risk inflaming tensions with Washington, already irked by Brussels’ attempts to tax U.S. tech firms more.

Von der Leyen said Facebook’s decision on a news blackout on Thursday in response to a forthcoming Australian law requiring it and Google to share revenue from news underscored the importance of a global approach to dealing with tech giants.

(Additional reporting by Foo Yun Chee; editing by Robin Emmott and Nick Macfie; editing by Jonathan Oatis)

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Latest Articles

Former Bank of England Governor Carney joins board of digital payments company Stripe 4 Former Bank of England Governor Carney joins board of digital payments company Stripe 5
Finance17 hours ago

Former Bank of England Governor Carney joins board of digital payments company Stripe

By Kanishka Singh (Reuters) – Mark Carney, former head of the UK and Canadian central banks, has joined the board...

Airbus CEO urges trade war ceasefire, easing of COVID travel bans 6 Airbus CEO urges trade war ceasefire, easing of COVID travel bans 7
Top Stories17 hours ago

Airbus CEO urges trade war ceasefire, easing of COVID travel bans

By Tim Hepher PARIS (Reuters) – The head of European planemaker Airbus called on Saturday for a “ceasefire” in a...

Why a predictable cold snap crippled the Texas power grid 8 Why a predictable cold snap crippled the Texas power grid 9
Top Stories17 hours ago

Why a predictable cold snap crippled the Texas power grid

By Tim McLaughlin and Stephanie Kelly (Reuters) – As Texans cranked up their heaters early Monday to combat plunging temperatures,...

UK could declare Brexit 'water wars' - The Telegraph 10 UK could declare Brexit 'water wars' - The Telegraph 11
Top Stories17 hours ago

UK could declare Brexit ‘water wars’ – The Telegraph

(Reuters) – Britain could restrict imports of European mineral water and several food products under retaliatory measures being considered by...

Commerzbank to lose 1.7 million clients by 2024 - Welt am Sonntag 12 Commerzbank to lose 1.7 million clients by 2024 - Welt am Sonntag 13
Banking17 hours ago

Commerzbank to lose 1.7 million clients by 2024 – Welt am Sonntag

FRANKFURT (Reuters) – Commerzbank expects to lose 1.7 million customers by 2024 as part of its current restructuring, resulting in...

Bitcoin and ethereum prices 'seem high,' says Musk 14 Bitcoin and ethereum prices 'seem high,' says Musk 15
Top Stories17 hours ago

Bitcoin and ethereum prices ‘seem high,’ says Musk

(Reuters) – Billionaire CEO Elon Musk said on Saturday the price of bitcoin and ethereum seemed high, at a time...

Sunak to raise business tax to pay for COVID-19 support - The Sunday Times 16 Sunak to raise business tax to pay for COVID-19 support - The Sunday Times 17
Business17 hours ago

Sunak to raise business tax to pay for COVID-19 support – The Sunday Times

(Reuters) – British finance minister Rishi Sunak is set to increase a tax on business to pay for an extension...

FTSE Russell to include 11 stocks from China's STAR Market in global benchmarks 18 FTSE Russell to include 11 stocks from China's STAR Market in global benchmarks 19
Trading2 days ago

FTSE Russell to include 11 stocks from China’s STAR Market in global benchmarks

SHANGHAI (Reuters) – Index provider FTSE Russell will add 11 stocks from China’s STAR Market to its global benchmarks, according...

Foxconn chairman says expects "limited impact" from chip shortage on clients 20 Foxconn chairman says expects "limited impact" from chip shortage on clients 21
Business2 days ago

Foxconn chairman says expects “limited impact” from chip shortage on clients

TAIPEI (Reuters) – The chairman of Apple Inc supplier Foxconn said on Saturday he expects his company and its clients...

Bitcoin, ether hit fresh highs 22 Bitcoin, ether hit fresh highs 23
Top Stories2 days ago

Bitcoin, ether hit fresh highs

SINGAPORE (Reuters) – Bitcoin hit a fresh high in Asian trading on Saturday, extending a two-month rally that saw its...

Newsletters with Secrets & Analysis. Subscribe Now