Why the GDPR Deadline Is the Beginning of a New Privacy Era
May 25 is the first day for enforcement of the European Union's General Data Protection Regulation, but Michelle Dennedy isn't too worried about it. The chief privacy officer of Cisco doesn't expect many organizations to actually be compliant, but she is optimistic that GDPR does herald a new beginning for privacy.
In a video interview with eWEEK, Dennedy details her views on GDPR and why May 25 is not the deadline that some have made it out to be.
"The world is not ending, and GDPR is not Y2K," Dennedy said.
GDPR provides a set of regulations to help protect user privacy and enforce data protection. GDPR also includes reporting requirements for organizations to disclose data breaches within 72 hours, as well as impose harsh penalties for organizations that do not protect user data.
Dennedy said she doesn't expect most organizations to be compliant on May 25, simply because it is only the beginning of the new era for privacy and there are still lots of things that have to be determined. GDPR helps to identify the fair data privacy and puts information principles into a practice that recognizes that data privacy is valuable, she said.
"Welcome to the new era and be excited," Dennedy said. "If you think you're going to be compliant, you're going to be sorely disappointed."
At Cisco, Dennedy said that rather than using the term "compliance," she prefers to use the term "GDPR-ready." She noted that executive buy-in and the innovative nature of Cisco have made it "fun" for her to work on GDPR at the company.
Watch the full video with Michelle Dennedy above.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.