From may 2018 data protection laws will be implemented by EU to ensure that all personal data are regulated and every citizen is aware and protected. The deadline lately has been crucial to insurance companies, since many are the possible scenarios in which any form of insurance coverage would be essential. Let’s try and break this whole process down in a simple way:
Controllers and processors
Controllers and Processors are the two main figures when it comes to data management and both have to follow the General Data Protection Regulation (GDPR). A Controller is the one who states in what way personal data is processed and filed, while the Processor is the one who’s responsible for the actual process. In particular, the Controller must be the one responsible for all the processes and the data storage. General Data Protection Regulation must apply anytime some of these records are used.
What can insurance do
Insurance, when it comes to GDPR, is in the middle of a fault line, as for most insurers, cyber insurance has a maximum cut off point of around £400 million, typically. Since GDPR has the capability of demanding 4% of turnover for bigger companies, that could easily outscale that amount. If we put that on practice also, in a long-term GDPR could eventually be uninsurable. As for now, the only possible thing to do would be waiting for a test case and see what are all the possible shenanigans.
Another important factor in GDPR regulation will be Brexit without any doubts: the GDPR is an EU based law that will be applied to all businesses before Brexit takes action, so (hypothetically) there will be no problem, and the UK will follow its guidelines. Of course, this is pure theory right now, as it’s possible that there will be discrepancies from when the law goes live.
The business impact
Surely, this will be a big step for companies, in particular if they are IT focused and with a multitude of clients on their hands: data protection is a delicate subject given the recent Facebook scandal, so having a dedicated figure (especially if the data amount is relevant) could be a simple and effective solution. In terms of worktimes, this could be a “plus” process that could slow some other ones. It’s likely to happen that a Data Protection Officer will be the central figure to coordinate this process.
GDPR and Facebook
Brian Wieser from the Pivotal Research Group said that “GDPR will likely cause a general slowdown in digital spending in Europe” and Facebook “may very well grow its share, growth will likely slow along with the market share.”
Following the recent Facebook’s situation, GDPR has lately been central in the affair. To start off, GDPR regulations will make it harder for Facebook and other entities to gather and store customers’ data. What will happen, following this, is going to be an increasing stream of ad funds into Facebook from companies since PPC is the central form of income for Facebook and many other data-based websites.
On the other hand, companies might wanna stop investing in Facebook given the recent events: when it comes to advertising, transparency and reliability are two must have qualities that the advertising platform must have.
With all that being said, after Mark Zuckerberg’s speech at the Congress, Facebook gained a lot of points on the market, which leads us to Wieser’s prediction, more. For now, Facebook has updated its policies and every user has been informed of these changes with a simple message on the portal, which briefly explains the whole process.