Essential Guide to EU Data Protection Laws

The EU GPDR is a reform aimed to improve data protection laws within Europe Union; it’s an integral part in EU privacy and human rights law. EU commission finalized the new GPDR policy that is directly applicable to all the 28 countries in the EU without any need for the national legislature. The directive enters into force on 5th May 2016 and the EU member states will have to transport it into their national law by 28 May 2018.

Here are the 10 key points covered in new EU data protection laws:

1. Regulation to be implemented in all 28 countries in EU

There is a patchwork of different laws and practices for different countries in the EU. With the implementation of this law, a single law for data protection will be enforced all across the 28 countries in the European Union. This will bring much more agile regulation, reduce overhead cost and facilitate the use of cloud computing.

2. Data Protection is the responsibility of Data Processors

Company or individual that control or process the data will be responsible for the protection of the data that include third parties such as cloud providers.  It will be their job to ensure that the right tools and processes are in place for the data to be protected from breach, loss, alternations, disclosure or dissemination.

3. Data Protection by design and default

The companies will now need to review their existing designs and processes to ensure they are compliant with current data security standards. Data protection will need to be scooped right from the initial planning part.

4. Tighter rules for Data Collection

With the implementation of this law, personal data of EU citizens can only be gathered legally under strict conditions for legitimate purposes. This rule is implemented so that all EU citizens’ data will be protected anywhere in the EU.

5. Consent and Right to be Forgotten

This law will give more control to EU citizens over their personal data. It will be necessary to obtain permission to processing anyone’s personal information and the citizens will have the right to revoke it anytime they want. Citizens will also have the right to have their personal data deleted from a company or institution database.

6. Users have right to make compensation claims

The law will empower users to not only protect their data, but also to defend them. Anyone who has his data breached or fear for the integrity of their personal information will be able to sue for the compensation.

7. Communication of user rights

Under the new data protection law, it will be the responsibility of the company to clearly state to their customers about they need their personal data and for what purpose. Companies have to remind the customers will have the legal right to withdraw their consent and personal information at any given time.

8. Immediate Mandatory Reporting of data breaches

In case of any security breach to occur, the authorities will be needed to be notified within 24 hours. If there is a delay, then the company will need to provide proper justification for the reason of delay.

9. Strict sanctions for not complying with EU GDPR

Strict sanctions will be implemented on the companies that fail to comply with the data breach law. Fine as high as 100 million euros or up to 2% of global revenues will be charged.

 10. Circulation of Data outside EU

Data within the EU can circulate freely as long as the integrity of data is safeguarded. However, data transfer to a third party country will be heavily regulated and any EU data being processed abroad must be done as per this legislation.

Conclusion 

Once the EU data protection law is implemented all over the EU, it is hoped that it will give back the control to the citizens over their personal data and simplify the regulatory environment for business. The reform will allow citizens and companies to fully reap the benefits of the digital economy in a safe environment.

 

The 5 Indispensable Steps to Protect your Data in the Cloud

Image source: Technology IHS

Analysts in Gartner Inc. predicted in 2012 that there will be a hundred percent shift of data from offline PC to clouds by 2014. While so far it has not proved hundred percent true, we can clearly see that we’re heading in that direction very smoothly. Millions of users worldwide are now subscribing to cloud storage services every year. A study that was conducted in 2017, the cloud storage market is expected to grow double and by 2020, the cloud storage market is expected to grow to more than $65 billion.

Cloud storage services are taking a strong hold on our lives as we find it easier to access our data anywhere anytime instead of carrying portable flash drives or USB around. The cloud has become a place where everyone stores, meets and exchanges information. Due to the allure of convenience that data storage provides, people trust it more and more even with the sensitive information such as our documents from the bank, ID scans, and confidential information.

But are you completely sure that your information is firmly secure and hundred percent safe from malicious hacks?

Cloud Security issues on Global Level

Unfortunately, many high profile companies are finding it hard to protect data on cloud after serious data breaches reported in retails and corporate giants such as Home Depot, Sony Pictures, JP Morgan Chase etc. Business industries across the globe are now investing heavily in data protection. If you think it just happens to giant corporates, then you must think again. Even small businesses and common folks are being exploited by malicious hacks every day. Hence, it’s time to ensure that your data is protected on cloud storage.

Here are five practical tips to help you protect your data on cloud storage:

1. Backup Data locally

It’s always a good idea to take a backup of your important data so that you’ll still be able to access them even when the original data is lost or corrupted. You can back up your data either on reliable cloud storage service or manually backup the data on the external hard drive or device; it would be even better, if you store them in both supports. This will help you access your data even when there is no or poor internet.

2. Avoid storing sensitive information online

There is no such thing as real privacy on the internet. People believe that if the information belongs to them then it’s their property. However, internet- the space where they store the information is not theirs and they or their cloud storage provider may have to give up their information if the government or federal authorities ask for it. To avoid any scenario where complex legalities are involved, it’s always a good thing to keep sensitive information away from the virtual world or use appropriate solutions.

3. Use Services that encrypt your Data before storing them on the Cloud

Encryption is the best way to protect your data. Either you can encrypt your data by using certain software that will create a password for your file before you move the password encrypted file to cloud storage. However, there are still possibilities of data exploitation as professional hackers may be able to discover the password and hack your file.

To avoid that, you can hire highly efficient services like SMiD that can provide security to your cloud –stored data and protect it by providing reliable and unpredictable cryptographic keys to ensure that the information stays always secure. SMiD is an efficient device that provides the functionality of encrypting all the user’s files before uploading them to the cloud. Similarly, it decrypts the file once it gets downloaded from the cloud- that way your information stays for your eyes only. It’s a nightmare for any hacker to hack the SMiD protected files because all the cryptographic keys and cryptographic processes are done inside the physical device. The best thing about SMiD device is always in the user’s possession hence eliminating the need of someone else to manage privacy and security of your information.

4. Protect your data: Use strong password/ two-step verification

A Strong password is your first line of defense against hackers out there. There are several sure-fire ways to make your password strong and hack resistance. Moreover, you can go for two-way authentication for added security to your passwords.

5. Read your Cloud service agreement carefully

Sometimes the cloud services come with a catch that is hidden in the fine prints in their term of services to make it legitimate. Always make sure that whatever cloud service you choose is able to satisfy your security concerns and you can read their user agreement of service before you sign up.

In conclusion, the cloud is an exciting development of this modern digital era that has created novel arrays of opportunities both on business and individual levels. But it has also created new types of challenges in the protection of that information. Thus it is highly important to strike a right balance between data protection and taking advantage of efficiency and opportunities that cloud technology has to offer.

Care about your privacy: how to avoid annoying surprises

“Arguing that you don’t care about privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say”. E. Snowden.

This sentence was pronounced by Edward Snowden and, as others viral sentences, is continuously circulating through the different social networks. In fact, probably we have all heard this many times: “I have nothing to hide” or the other version: “My information is not important, who is going to want it?”

I have always thought that people who say this kind of things are completely unaware about Continue reading “Care about your privacy: how to avoid annoying surprises”

Safety Concerns with Cloud Storage & Their Possible Solutions

Cloud storage, despite being a relatively recent innovation, has been treated as the most reliable answer to the question of how to safely store your data. To some extent, the hype is very much well deserved and cloud storage provides security to your sensitive data. Besides, it is a lot easier to save your data on a cloud provider than to build data centers that could be expensive and time-consuming. It also drastically cuts down IT costs down the road and ensures that the operations keep running smoothly.

However, it’s not all utopian perfect in the world of cloud storage. There are some genuine concerns Continue reading “Safety Concerns with Cloud Storage & Their Possible Solutions”

Worst Cyber data breaches in 21st Century and how they could be prevented (Part 2)

It is time to continue with the review of the biggest cyber-attacks and data breaches of the 21st Century and what could have been done to prevent them. You will find more cases of the worst security breaches of 21st century in the part 1 of this article. Continue reading “Worst Cyber data breaches in 21st Century and how they could be prevented (Part 2)”