Encryption May Lower Fines Under New EU Privacy Regime

Companies can lower the risk of massive fines under the new European Union privacy regime by embracing encryption of personal data, privacy attorneys and data security professionals told Bloomberg BNA.

GDPR pushing encryption

The EU General Data Protection Regulation (GDPR), which takes effect in May 2018, instructs privacy regulators to consider whether data are encrypted in setting fines for data breaches, which can reach maximums of 20 million euros ($21.9 million) or 4 percent of a company’s global annual revenue.

Companies that encrypt personal data will also be exempt from the GDPR’s new mandatory data breach notification provisions.Jacob Ginsberg, senior director with Toronto-based secure email company Echoworx, told Bloomberg BNA that such provisions mean the GDPR “is pushing not only encryption but the whole idea of security and privacy by design.” Privacy by design and security by design are models where companies include privacy protection and data security considerations from the early stages of the creation of a new product or service.

READ FULL STORY ...

#GDPR #encryption #privacy #security #infosec #datalossprevention

Who's Behind The Blog
Recommanded Reading
Search By Tags
No tags yet.
Follow "Jacob Ginsberg"
  • Black LinkedIn Icon
  • Twitter Basic Black