In a world more concerned than ever with privacy and data security, law makers are scrambling to keep up to date.
With the growth of the internet, many old and inappropriate laws have been bent to fit a purpose they were not designed for. A case in point are European data protection directives which date back more than two decades.
In April this year a new law was adopted - the General Data Protection Regulation, or GDPR. With compliance with the law required of the 28 EU member states by 25 May 2018, a two-year countdown is now underway. GDPR is welcomed by Mozilla who is using the 24-month compliance deadline to draw attention to some of the regulation's highlights.
Mozilla says that GDPR is designed to benefit both companies and the public, and recognises the importance of the fact that it will have an impact far beyond the borders of Europe. Denelle Dixon-Thayer, Chief Legal and Business Officer at Mozilla Corporation says that the regulation will help to improve trust and security. She welcomes regulation being updated as the previous data protection directive was drafted when hardly anyone made use of the internet - we now live in a very different world with very different needs.
Mozilla is throwing its support behind GDPR and says it "will continue to track the implications". It also highlights what it believes to be the key strength of the new regulation. The company's quintet of regulatory favourites are:
- Less is more: we welcome the reaffirmation of core privacy principles requiring that businesses should limit the amount of data they collect and justify for what purpose they collect data. At Mozilla, we put these principles into action and advocate for businesses to adopt lean data practices.
- Greater transparency equals smarter individual choice: we applaud the Regulation’s endorsement of transparency and user education as key assets.
- Privacy as the default setting: businesses managing data will have to consider privacy throughout the entire lifecycle of products and services. That means that from the day teams start designing a product, privacy must be top of mind. It also means that strong privacy should always be the "by-default setting".
- Privacy and competition are mutually reinforcing: with added controls for users like the ability to port their personal data, users remain the owner of their data, even when they leave a service. Because this increases the ability to move to another provider, this creates competition and prevents user lock-in within one online platform.
- What’s good for the user is good for business: strengthened data and security practices also decreases the risks associated with personal data collection and processing for both users and businesses. This is not negligible: in 2015 data breaches have cost on average $3.79 million per impacted company, without mentioning the customer trust they lost.
Photo credit: Roobcio / Shutterstock