Home >> Communities >>Policy Advocacy >> GDPR




GDPR- And It’s Impact on Cyber security

General Data Protection Regulation (GDPR) is a replacement for the European Data Protection Legislation. On May 25th, 2018, after 20 years, GDPR denoted a first such major overhaul to the Data protection act of the European Union. It effectively replaces all the varying implementations of EU Data Protection directive across Europe, giving all organizations today as a standard set of regulations and expectations when concerned with managing personally identifiable data of users, employees, clients or any other subjects. So under GDPR, businesses are supposed to explicitly request permission from an EU citizen to collect their specific data. If any business’s activities involve the usage of personal data, require DPO assistance. Any form of GDPR violation could result in you paying a f...

Cloud Data Leak Prevention (DLP)

In today’s data world, data breaches are commonplace. Not a day goes by without a headline about a massive data breach. Just to put this into perspective, there have been more than 14 billion records lost since 2013. The leaks come from both insiders and outsiders – whether they are accidental leaks or malicious activities like phishing and malware.  All enterprises are in the cloud and so is their sensitive data. According to a recent McAfee survey – 97% of organizations use cloud services (public, private or hybrid) and 83% store sensitive data in the cloud. For enterprises where “data is the new oil”, data leaks can be devastating, costly and a nightmare to your reputation. IT leaders are increasing budget (Increase to 37%) and slowing the adoption to the cloud (40% of the I...


Re: CRS Compliance and GDPR

I came across an excellent Ernst & Young article on how GDPR, FATCA, and CRS align by Amanda Murphy. Since pasting its extracts would amount to copyright violation, I am pasting the link here.  GDPR, FATCA and CRS | Financial Services Thought Gallery 

Privacy By Design : Indian Landscape

India as it contemplates and pushes for its own data protection regime there is a huge opportunity to re-design and design the products and services which will if not eliminate reduce the data privacy risks. And when the world look at you as the pioneers of IT industry some of the key challenges are competitive advantages for India. “Privacy by Design” and “Privacy by Default” have been frequently-discussed topics related to data protection. The first thoughts of “Privacy by Design” were expressed in the 1970s and were incorporated in the 1990s into the RL 95/46/EC data protection directive. According to recital 46 in this Directive, technical and organisational measures (TOM) must be taken already at the time of planning a processing system to protect data safety. Privacy by Design is a c...

Personal Data Protection Bill 2018

Highly impressed with the Personal Data Protection Bill. In my opinion on par with the EU GDPR and in few ways better actually. Kudos to the BJP government!! And Companies need to gear up now!

Microsoft, Facebook, Google and Twitter Introduce the Data Transfer Project: An Open Source Initiative for Consumer Data Portability

As we progress further into the era of the intelligent cloud and all its potential applications, Microsoft recognizes that people will only use technologies they trust – and that they can control. This is at the heart of Microsoft’s recent commitments to extend rights that are at the heart of GDPR to all of our consumer customers worldwide, and drives the design of our privacy dashboard to give users the tools they need to take control of their data. Today, we are announcing the Data Transfer Project, a joint open-source project initiated together withFacebook, Google, and Twitter whose work is aimed at helping users securely and seamlessly move their data between service providers. This open source project will create new capabilities for direct data portability between participating serv...

Re: GDRP query

under GDPR, European organizations are required to ensure that any third party they work with outside EU are GDPR compliant. So, any Indian business entity that caters to any European organization, in the process they need to deal with any European customer data will have to follow GDPR regulations. 


Vietnam approves new cybersecurity law Vietnam’s Parliament has approved a new cybersecurity law that requires social media companies to remove offensive content from their online service within 24 hours at the request of the Ministry of Information and Communications and the Ministry of Public Security’s cybersecurity task force. The new law also has the effect that technology companies doing business in the country will be required to operate a local office and store information about Vietnam-based users within the country. Companies could face substantial penalties for failure to disclose information upon governmental request. The law will take effect on 1st January 2019.       ICO fines Yahoo! UK £250,000 The UK regulator has fined Yahoo! UK Services Limited £250,000 in rel...

  • 1
  • 2
  • 5