Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity

    How Enterprises Can Make GDPR a Global Data Privacy Standard

    Written by

    Wayne Rash
    Published May 30, 2018
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      For some U.S. companies, the European Union’s General Data Protection Regulation is a source of fear. They’ve heard about the massive penalties for non-compliance. They’ve heard about the complexity of the requirements and they don’t know what to do. In extreme cases these companies are simply blocking all internet traffic from Europe. 

      In other cases it’s about the annoyance of having to deal with multiple standards. They have to write one set of privacy policies for Europe and another set for everywhere else. Worse, they have to comply with multiple sets of legal requirements. 

      But it doesn’t have to be this way. While the GDPR privacy requirements are strict and the penalties potentially huge, companies that are making a good-faith effort to be compliant aren’t going to be severely punished.

      Your company can eliminate the pain of having multiple privacy policies by simply having one that meets global requirements, in other words, by having GDPR compliant practices throughout your company, not just in the parts the deal with the EU. Some big enterprises are doing just that, including no less a global technology giant than Microsoft, which has announced that it’s providing GDPR rights to everyone. 

      “We believe privacy is a fundamental human right,” Microsoft’s deputy general counsel Julie Brill said in her blog on the topic. Brill said that privacy has grown in importance as people spend more time online, and expose more of their personal activities online. 

      “Privacy is also the foundation for trust,” Brill continued. “We know that people will only use technology that they trust.” 

      “That’s why today we are announcing that we will extend the rights that are at the heart of GDPR to all of our consumer customers worldwide,” Brill explained. “Known as Data Subject Rights, they include the right to know what data we collect about you, to correct that data, to delete it and even to take it somewhere else.” 

      Meanwhile, Facebook and Google have also said that the companies are GDPR compliant, although not as explicitly as Microsoft. 

      What’s important about Microsoft’s approach is that the company has settled on one standard for how it protects privacy everywhere in the world. That means that its U.S. customers will get European level privacy, despite the fact that it’s not required under U.S. law. The same is true in all other parts of the world. 

      For Microsoft and for other companies that have any exposure to EU privacy rules, this makes a lot of sense. It costs money to develop multiple standards, it costs more money to coordinate which standards apply where and under what circumstances and more yet to find ways to automate how those multiple standards apply. 

      By adopting the EU’s GDPR, Microsoft only has to support one standard. The cost of developing legal privacy standards for many different places has gone away. Now there’s just one. And because the GDPR is both more specific and broader, it apparently meets the requirements everywhere else as well. 

      This is not to suggest that changing your privacy policies so that they comply with the GDPR is going to be easy or cheap. But the reality is that if your company has a significant presence in Europe, you’re going to have to create GDPR-compliant practices anyway.  But establishing the EU standard for everyone eliminates the complexity of supporting other standards. 

      Unfortunately, as Google and Facebook have found out, just saying that your company is supporting the GDPR isn’t enough. Both companies were sued for GDPR violations on May 25, the day the regulation went into effect. 

      The lawsuits, which would force the courts to impose fines of €3.7 billion and €3.9 billion respectively, say that the companies are not actually meeting GDPR requirements. At issue, according to Austrian activist Max Schrems, the EU citizen who filed them, is the single check box the companies use to accept their privacy policies. The GDPR requires that you have a choice of which policies to accept and that it’s not an all-or-noting choice. 

      On the other hand, Microsoft, which has transparently adopted the GDPR requirements globally has not been sued. 

      What this demonstrates is that it’s possible to have a global privacy standard. However, for your global privacy standard to work, you have to make sure you actually meet the GDPR requirements. 

      Microsoft is helping in this area as well. The company has created a resource that provides sample privacy policies, model clauses and help with complying with the U.S. Privacy Shield. Microsoft has also revised its cloud service so that it complies with the GDPR and it’s provided a compliant version of Office 365. 

      While some might view this effort on Microsoft’s part as a cynical attempt to profit from the angst over the new rules, I don’t see it that way. Microsoft has demonstrated a long commitment to privacy for years and has done battle with an aggressive U.S. Justice Department to protect its customers’ privacy. These aren’t the actions of a company trying to leverage its way into a fast buck. 

      Of course, you don’t have to pay attention to GDPR compliance. If you’re a company that doesn’t seek business in the EU and which rejects contact with that potential community of customers, you’re probably fine. Just be careful that you don’t violate the GDPR in the process.

      Wayne Rash
      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a content writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.