GDPR: What has been the fallout so far? | CyberSecuritySpeak

Racepoint Global

Written by: Tom Mackintosh – PR Client Executive, Racepoint Global UK

After two years of hype and confusion, GDPR is finally official and the world is waiting in anticipation to see what happens next. It’s the calm before the storm, an increasingly familiar feeling.

One week on, are we any wiser? And what does it mean for the marketing and PR industry? To the second point, Matt Hughes from The Next Web wrote a great article on this, which incidentally features our own Andrew Laxton.

However, on the first point and as lawmakers circle ready to pounce on those who step out of line, it’s quite ironic that the initial breach occurred closer to home.

Following the news of a leak of more than 700 records of personal data, the European Commission – who imposed GDPR – was the unfortunate first victim of the new regulation. Although on this occasion, the Commission will not be punished by GDPR’s far-reaching fines, it does highlight the challenge that all businesses and organisations face on their GDPR journey.

Another question that was raised this week around GDPR, is if it is actually good for the cybersecurity industry as a whole. While the privacy and increased data protection of EU citizens is a welcome sight, there have been discussions about the difficulties it adds to the tasks of some of those working in the cybersecurity industry.

Who is next?

As the BBC recently reported, GDPR could “make it harder to catch hackers” and they may have a point.

As it stands, the implications of GDPR could mean hackers have easier access to a company’s computer systems. A good example of this is Whois, a software programme widely used by both the police and cybersecurity companies to help detect who’s behind nefarious website domains and IP addresses. This information is often used to then help shut down sites, but thanks to GDPR, it looks as though this time it will be Whois that gets shut down.

This is just one negative consequence of GDPR, as crucial information that can be used to help protect citizens can now, not be shared.  Only time will tell how much of an issue this is, and what it will mean for more both organisations and EU citizens.

Without a doubt, GDPR brings a lot of good practices that have for a long time been needed. However, it still remains to be seen what impact GDPR will have on the cybersecurity industry as a whole.

 

News Round-Up

BBC News

GDPR ‘risks making it harder to catch hackers’

A service used to identify and contact website owners has been forced to strip out information on its site to comply with the EU’s GDPR legislation.

The Daily Telegraph

‘Embarrassing’ leak shows EU falls short of own GDPR data law

The European Commission has claimed it is not subject to the strict new data protection law that it has imposed across Europe, following an “embarrassing” leak of personal data on its website.

The Wall Street Journal

The EU’s Gift to Cybercriminals

Europe’s new privacy rule, called the GDPR, already is thwarting security researchers and police.

Quartz

The genius of GDPR is that it forces companies to police each other

The genius behind GDPR isn’t just what it means for consumer rights, it’s about how the threat of massive fines means companies themselves will do most of the heavy lifting when it comes to policing and enforcing the broad set of rules.

Silicon Republic

Could GDPR be used to the advantage of cyber-criminals?

Many businesses aren’t yet serious about GDPR. But this will change when the Data Protection Commissioner (DPC) starts issuing penalty notices later this year. When that happens, businesses could flip to the other extreme, suspending services at the first hint of an attack rather than risking GDPR penalties.

The Next Web

Tech PR people are weirdly okay with GDPR

GDPR has an impact on virtually every industry that deals with personal data. Take, for example, the PR industry. Publicists rely on the personal information of journalists, editors, and tastemakers, in order to build the public image of their clients. It’s fair to say that, as an industry, PR is as equally driven by data as it is relationships. But most PR people are pretty sanguine about GDPR — the good ones, at least. In fact, they welcome it, as they believe it’ll weed out the bad actors from the industry.