The 2 years of the general regulation of personal data: what assessment can be made?
The European standard enacted two years ago, the general regulation of the protection of personal data is now in a rather delicate situation.
This article will also interest you: 6 concepts to know about modern cybersecurity
With the pandemic shaking the world, it becomes difficult for states to guarantee the fullity of the provisions present in this standard. Because the situation does not lend itself to it. If it is not the authorities themselves that often stand still in certain places owned by individuals under the regulation, it is the companies or other private structures that do so. These may be public interest reasons such as public health, or economic reasons. But that's only for these recent months. Even before the pandemic, the European standard without defending the rights of users of digital services had a mixed record. In this regard, Greg Day, head of operations at Palo Alto Networks in the EMEA area, in addition, the head of information development on cyber threats and safety hygiene practices, noted: "As we celebrate the second anniversary of the entry into force of the RGPD, one of my main concerns is that , in one way or another, the educational purpose of this regulation has been lost. We seem to have missed the opportunity to help companies learn from their mistakes. For me, that was one of the positive aspects of the RGPD. It was designed as a roadmap to continuously improve the security and privacy of businesses. However, I do not believe that there has been an international effort to identify the most common mistakes made by companies, regardless of size, by applying the RGPD and avoiding them. ».
In the current context, companies to agree only with the expert. Because today we are witnessing an upsurge in computer threats and a situation where the usual rules and protocols are difficult to apply properly.
One of the major problems with the general regulation of data protection would be its adaptability to the constant evolution of technology. Indeed, for a rule that was enacted two years ago, it is very likely that, at present, technological advances have rendered many of its provisions obsolete or difficult to apply. It's not just technology that's evolved. But also practices in collection, production, and data management. "It is important to ensure that the application of the RGPD remains clear despite various technological changes. Thus, since the RGPD came into operation, many companies have migrated to the cloud, whose use has become widely used with high adoption rates. These companies need to think about how the RGPD applies to it when data is circulating in the cloud much more than expected. This is to document the specific risks involved, and to define a roadmap for continuous privacy and improved security. advised expert Greg Day.
Some situations such as the coronavirus pandemic have pushed experts on all sides to question certain principles, at least until the fight against this disease comes to an end. And of course, some practices that have started since the beginning of coronavirus, are hardly likely to end overnight. As a result, the European standard would benefit from adapting as quickly as possible a new and ever-emerging technology while trying to control the legal aspect of personal data management as much as possible, which is becoming increasingly complex.
Another negative point and to emphasize against the RGPD. It is the diversity of interpretations and transposition in the countries of the European Union. This was one of the major weaknesses to be raised during these 2 years. If one were to have several countries, each with its own interpretation of the rule, then it becomes difficult to give the necessary mandatory value to a particular provision in the face of a particular fact.
Now access an unlimited number of passwords:
