be cool, compliance, EC, GDPR, GDPR compliance, Information Security, Top News

European Commission “doesn’t plan to comply with GDPR” – well, sort of

Yet another email containing the letters GDPR dropped into our mailbox today.

This one was a bit different – it wasn’t a company explaining how it wanted us to help it comply, nor a company slapping itself on the back for having done what it was expected to do anyway.

This wasn’t even an article about non-compliance that named and shamed someone who hadn’t bothered to get ready in time.

It was about a statutory body that, unlike the rest of us, apparently doesn’t have to comply: the European Commission (EC) itself.

In the curious and orotund way that newspapers sometimes have with words, today’s GDPR email told us that:

The Telegraph can reveal today that Brussels bureaucrats, who pushed for the stricter rules around how companies and governments use data, don’t plan to comply with their own laws.

That seems weird, but you can imagine that there may be all sorts of legal absurdities that might arise by directly applying GDPR to a pan-European executive arm of government.

Which country’s regulator would apply, and how, for example?

Apparently, the EC is planning to subject itself to a regulation that will work like GDPR, even though it hasn’t yet done so.

That makes the Telegraph sound a bit OTT when it remarks that “Brussels bureaucrats […] don’t plan to comply with their own laws,” if indeed their intention is to comply with a regulation that is substantially similar.

As many companies have found, GDPR is more of a digital lifestyle guide, admittedly with teeth in the form of fines, although the EU’s various regulators seem determined not to use GDPR as a revenue mill.

And that got us thinking about a podcast we recorded almost a year ago now with Sophos expert John Shaw.

John’s overview of what GDPR is, and more importantly how we can make it work for us, is calm, measured and blessedly free of the invective that some commentators have allowed to creep in over the past year – during all of which time, of course, GDPR has already been “the law”.

We think it’s well worth another listen.


Source : Naked Security

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend