Will 2019 Be the Year of GDPR Fines?
Will 2019 Be the Year of GDPR Fines?

Is 2019 the year we will feel the full impact of GDPR? Chances are good the answer to that question is a resounding “yes!”

GDPR went into effect May 25, 2018 and, as of yet, no sizable fines have been levied for data privacy missteps in the protection of personally identifiable information (PII) of EU citizens. Despite light action in actual enforcement to date, there is plenty of evidence to suggest regulators have been very busy with all of the details that will inevitably lead up to the big penalties the regulation has become known for.

Last year, data privacy groups filed the first complaints under GDPR against Facebook and Google. Since then, nearly every European data protection agency (DPAs) reports a significant increase in both data privacy complaints and breach notifications. The newly formed European Data Protection Board (EDPB) is tasked with enforcing GDPR and says well over 40,000 complaints have so far been lodged across the EU.

Gain continuous compliance

As the number of complaints continues to rise, DPAs are staffing up to investigate and handle resulting enforcement action. The Irish Data Protection Commission (DPC) for example, has grown from less than 30 employees in 2014 to 130 employees in 2018, with further expansion planned for 2019. Many of the world’s largest tech companies have their EU headquarters in Ireland, including Facebook, Twitter, Microsoft and LinkedIn and, therefore, fall under the purview of the DPC.

All DPAs aren’t exclusively focused on hand-slapping however. Some have been consulting with businesses on how to better protect their data. And, in December, the EDPB issued guidelines for how to comply with the geographic scope currently outlined in Article 3 of GDPR which could be interpreted as anyone who processes EU citizen data must comply, regardless of where the business is located.

Monitor and Secure PII

What can you do to address GDPR compliance and ensure you won’t be making headlines for the wrong reasons in 2019 and beyond? Because you can’t secure what you can’t see, the first step is to maintain uncompromised visibility and control over all of your endpoints, whether they are on or off your corporate network.

To help you determine where your PII is located (as defined by any of the 31 European countries subject to GDPR) by device ID and username, Absolute today introduced a new GDPR Compliance Report that is now part of the Absolute Platform.

In addition to where your data is located, the report also shows you whether or not that data has been encrypted and when – required pieces of information for compliance. The report generates a GDPR aggregate match score which is a sum of all matches for compliance with rules that have been built in to the system as well as any custom rules you’d like to add.

Watch this video, Strengthen Your GDPR Compliance with Absolute for a quick overview of how Absolute helps you identify EU-specific PII data residing on all of your endpoint devices, and the importance of having the ability to take immediate action to remotely remediate the risk.

ABOUT THE AUTHOR

Neeraj Annachhatre

Neeraj Annachhatre is Technical Marketing Manager within Absolute’s Product team. He provides customer and market insights for the Product Management and Development teams to leverage while leading go-to-market initiatives centered on the Absolute platform. Prior to Absolute, his work experiences include technical and managerial roles within the Cybersecurity, Semiconductor and Financial Technology industries in North America and Asia. He holds bachelors and masters degrees in Electrical Engineering from Purdue University and the University of Southern California respectively and an MBA from the Ivey Business School at Western University.



0 COMMENTS

Leave a Reply

Your email address will not be published.