The world is still getting out of cyberchaos, after a recent global attack, world counts the damage, experts are revealing security holes. At the same time, they are looking for solutions that would prevent similar problems in the future.
Sometimes, however, there is no need for global cyberattack, to be yourself at risk. In the digital age, on the one hand, we are "enjoying" completely new technologies and devices that change our lives and provide us with new and new opportunities, increasing every day. On the other hand, we also have to count on the growing number of risks related to our security, not to mention that the possibilities of abuse of our digital identities are increasingly sophisticated.
Sometimes, it is enough to call an unknown company with information about your person and data about your working or personal life. Who does they have contact from? Where this information is known about you? How does anyone plan to use it? And cannot anyone come to them, anyone with the intentions that are not good at all? And we have a problem.
Another factor that makes the issue of security important is the form of data. In the digital era, our personal data is not only more easily accessible and easy to exploit, but it also creates new types of data that many people think about us and whose abuse can deeply affect the different spheres of our privacy. Once it was the address, today it's the IP address, once it was the name, today its nickname in the discussion, the email account, we link our accounts from different social networks, many times we have joined private and work accounts, we share information across applications. And add biometric data to this effect - today, quite normal data processing, characteristics that allow or confirm the unique identification of a natural person. We will also be affected by various changes in the future, the opening of banking services for third parties or electronic healthcare. And there is also the boom of virtual reality and avatar that will be ours in the digital world.
And if you still think that the threat of personal data does not concern you - for example, it's just about collecting information about you as readers, website users. According to the definition of personal data, cookies may also be files that websites use to distinguish users. What about that? A solution aimed at stricter rules for the protection of our personal data is already in the world and is called GDPR.
The GDPR abbreviates the General Data Protection Regulation, alias the new EU Privacy Directive. It will make significant changes and will not only concern every business, institution, body operating in the EU and working with personal data but also those through whom these personal data only "flow". Accordingly, the GDPR must take effect for all who employ people to record data about students, graduates, applicants, external collaborators, contractors or partner organizations.
The GDPR has been adopted by the European Parliament and replaces the 1995 directive. So, personal data has also been protected so far, but the new regulation reacts to the completely new world that has emerged over the last two decades. Once we did not know what different data we would be able to find out and what we would share with Instagram or Snapchat, we did not buy in big on our mobile, we did not crack data on smart clocks or wearables of devices, there were no services like Uber or Airbnb, we did not have a GPS mobile phone yet, we did not post our location, photos, contacts ... Using the technology, we opened up a whole new universe and set new traffic rules.
As the GDPR enters into act in May 2018, all businesses have the last time to deal with the obligations that the regulation brings and respond to them in their own practice. In the case of many who regularly record the data of many people, preparing for new protection requirements will mean months of intense work.
However, GDPR's intention is not only to direct companies to obligations and citizens, on the contrary, without the obligation to protect. At the same time, trying to find a balance between the right of the individual to privacy and the right of everyone to freedom of access to information. You can legitimately ask yourself, "Why should anyone collect, use, and archive data about me?" According to a more recent survey conducted among our customers, up to 2/3 of them would share information about themselves if they get in turn, a more relevant, personalized service provided exactly according to their needs. Similar results are also presented by surveys of other companies within and outside the EU. That's what it is.
Many useful information, findings, and knowledge are the result of processing huge amounts of personal data. Their use, therefore, can bring benefits for us all - for example, in the public administration, where the analysis of collected information on the lives of the inhabitants could provide better, more accessible and addressable services more promptly, the direct impacts we can imagine in the field of environment or transport. And in health care, where more effective, more adequate and more accurate treatment could be provided by disposing and evaluating the amount of data. For example, it will cut off searching in encyclopaedias, time losses and, in particular, health treatment type of trial-error.
However, it is important to know who, how, and which data to collect, access, how they will be stored, encrypted, anonymized, and for what purpose they will be used. The GDPR Regulation opens these questions precisely and provides answers in order to balance both personal and public interest, and to focus on security issues, individuals' privacy claims and open data themes, which will become more and more challenging with ongoing digitization.