Pseudonymisation

  • Comments posted to this topic are about the item Pseudonymisation

    Best wishes,
    Phil Factor

  • Another question on cost. Is that determined by case law? Are people publishing the amounts they are spending to comply?

  • Well the cost of compliance is a difficult one to calculate because it is most often the cost of doing what you should have been doing anyway, but have put off up to now. There are a few exceptions, such as the rights to transfer data to another service provider. (gas/water/phone etc...) but that looks as if that one  isn't likely to be insisted on. I don't know of any studies that have been done on the likely cost to companies of complying with GDPR. My guess is that it will be huge, because there is such a gulf between best practices and the make-do approach in companies with limited budgets. German IT companies will profit hugely because they already  have to be compliant for the domestic German IT market, and it will be cheaper for companies to buy compliant software from German companies rather than update their own.

    Best wishes,
    Phil Factor

  • Who else profits from non-compliance? In the U.S. it is typically the injured party and the plaintiff's attorneys. How does enforcement work in the EU?

  • Phil, I really appreciate the points you made.  Too many people discount the importance of keeping data secure, and you hit on more than a few points of why the things we do today are not reliable.  Thank you for bringing this up!

    Dave

  • Robert Sterbal-482516 - Friday, May 19, 2017 8:10 AM

    Who else profits from non-compliance? In the U.S. it is typically the injured party and the plaintiff's attorneys. How does enforcement work in the EU?

    I don't know if that is true, what I have seen is that government fines go to the government, and the people who suffered have little to no recourse.  I understand your point, just saying that I believe the system is set up to prevent the consumer from ever being compensated fairly for breaches.

    Dave

  • The problems for litigation so far in EU countries has been the looseness of the privacy laws. This is the real reason for the GDPR. Once these are 'given teeth', it will enable people whose privacy has been violated to get compensation. This is civil action and quite different from the punitive fines that are issued by the government. In the UK this is done by the ICO  https://ico.org.uk/for-organisations/data-protection-reform/

    Best wishes,
    Phil Factor

Viewing 7 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply