We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
RSS FeedTechnology

Corporate data protection: Technology meets liability


Data protection sanctions look set to go way off the scale

Article comments

Data protection is jostling for pole position as an area that CFOs should firmly fix both eyes on. Rarely do you see a juxtaposition of regulatory, technology, enterprise and consumer attitudes changing with one focal point.

The blurred distinction between when work ends and when personal life starts does not look to get any clearer as technology allows us to work from personal devices, and play from work devices. The challenge this has on enterprise security is often not considered with sufficient seriousness until it is too late.

A couple of years ago the UK Information Commissioner’s Office (ICO) was granted increased powers, with the ability to impose a maximum fine of £500,000 for those who are not careful with the personal data that they were entrusted with. Since that increased power was granted to the ICO, the data protection watchdog has certainly not been shy in using it!

The current data protection law however is not seen as fit for purpose given the globalised, outsourced, social media and cloud driven world of commerce in this day and age. The biggest change to European data protection since 1995 finally arrived with the publication of the draft Data Protection Regulation last year, which is expected to come into force within the next 18 months.

What these new proposals show is that data protection sanctions look set to go way off the scale in terms of what we are used to right now. The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover.

Businesses that fail to get it right, especially in the areas of cloud storage, data centres and data transfers, and new requirements that make ‘compliance’ a fundamental frontline obligation, could potentially lead to massive fines.

For major organisations, this could be to the tune of tens if not hundreds of millions of pounds, with ‘tier three’ penalties based on 2 percent of global annual turnover. So businesses will no longer be able to pay lip service to data protection, compliance will have to be an integrated, transparent and demonstrable part of the business if a massive whack of a fine is to be avoided.

Other areas to look out for include:

M-commerce

Payment by mobile phones and contactless card payments is likely to grow exponentially in the coming year. The European Commission recently gave approval to the joint venture between Vodafone, EE and Telefonica to set up a company to develop mobile commerce in the UK. In addition to a mobile wallet service, the operators are proposing to launch a data-based mobile advertising network which will give businesses access to over 37 million of their customers. Concepts such as these are likely to create enormous data protection challenges.

‘Bring Your Own Device’ or BOYD

Such schemes are likely to continue to see an increase in 2013. In Germany, for example, 80 percent of businesses are expected to have BYOD schemes in place by the end of next year, creating data protection and privacy challenges. 

Facial recognition technology

Social media players using facial recognition technology were under fire from privacy campaigners over the course of 2012 but this is unlikely to act as a deterrent to further development of this technology for commercial and marketing purposes. As the application of facial recognition technology broadens, the data protection issues are likely to become more complicated.

Even if some of these developments do not appear on the horizon as soon as commentators believe they will do, there is still enough to give CFOs food for thought. On the one hand are technology and legal change and on the other hand is the issue of liability. Given what we may see happening to the latter, looks like it is set to outstrip the decision making power of all but the board on such matters in a corporate setting.

Vinod Bange is the UK partner leading the data protection team at international law firm Taylor Wessing. He has specialised in data protection and information law for over a decade.

Share:

Recommended Articles

Comments

Corporate data protection: Technology meets liability
Technology

How new technologies are transforming finance

How new technologies are transforming finance

CFOs, once sceptical about technology, are now among its biggest supportersmore ..


Boris Johnson: London will have 5G by 2020

Network to be deployed with University of Surreymore ..

Customers should be allow to sell on 'their' data, says ICO

“Big data is not a game that is played by different rules” says the Information Commissioners Officemore ..

'Nadella Effect' makes Ballmer $2.8bn richer

And since Thursday's downsizing, CEO Satya Nadella has an extra $1.3M in his portfoliomore ..

What does your perfect datacentre look like?

The financial impact of rising energy bills is a headache for companies toomore ..

What UK business needs to do now with big data

In the final of a three-part series, we look at the potential for companies to become victims in the battle for big datamore ..

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.



In Depth
Can finance rise to the challenge of major transformation?

Can finance rise to the challenge of major transformation?

Outdated finance processes, systems and competencies leave too many questions unanswered more ..

In Depth
Interim CFO or consultant? The pros and cons

Interim CFO or consultant? The pros and cons

Ed Harding offers an insight into the life of an interim CFO and the advantages in driving transformation more ..

Advertisement

* *