By Vijeth Shivappa
News that a global online retail platform has been fined € 746 million (about $ 887 million) by the European Union’s Data Protection Authority for violating user privacy laws – the GDPR – has taken the media by storm . According to reliable sources in the European financial circuit, the fine was imposed on July 16 and published in a recently published financial announcement. It is the highest fine to date in the 3-year history of the GDPR. It has been alleged that the e-commerce giant has violated the European Union’s Data Protection Regulation (GDPR) in its advertising-related decisions. The fine for the alleged breach of the law was imposed by the Luxembourg Data Protection Commission (CNPD), where the online retail giant has its EU headquarters, from the data protection authorities in Luxembourg.
This fine is the result of a complaint by the French data protection group La Quadrature du Net from 2018, a group claiming to represent the interests of Europeans to ensure their data is not being consumed by big tech companies to manipulate citizens’ behavior for political or commercial purposes. This complaint was filed on behalf of more than 10,000 customers.
This fine is the latest move by European regulators against big tech companies. Regulators in Europe have increasingly scrutinized the business practices of technology giants. The GDPR, or the General Data Protection Regulation, aims to limit the use of consumer data by companies and regulate data breaches. In 2019, another tech giant was fined 50 million euros. Regulators cited that the company’s way of processing consumer personal data did not meet GDPR requirements &, and it was instructed to change its business practices.
The GDPR is an EU regulation with binding rules for the integrity-friendly handling of personal data by organizations and companies. According to the EU data protection law GDPR, violations of the GDPR can be punished with a fine of up to 20 million euros or up to 4% of the worldwide annual turnover of the previous financial year, whichever is higher.
Based on the European Union regulators, China’s 13th Standing Committee of the National People’s Congress passed the Personal Data Protection Act (the “PIPL”) on August 20, 2021. PIPL is China’s first comprehensive data protection law. It is partially based on other data protection regimes, including the EU’s General Data Protection Regulation (« GDPR »).
The PIPL will come into force on November 1, 2021. The regulations state that companies must obtain customer consent for the use of personal data. & companies must take steps to protect the data. If the security of such information is breached, it can cause great damage to the personal safety and property of individuals. Penalties for serious PIPL violations include fines ranging from RMB 50 million to 5% of a company’s sales in the previous year.
Personal information is valuable. There is no second thought about it. Data makes it possible to formulate business models, understand customers, carry out effective marketing campaigns and develop products and services. But just like rules to protect every other asset class, there is a need for a regulatory framework for the responsible handling of personal data. In recent years we have received breaking news about personal data breaches and scandals around the world. Hundreds of millions of individuals’ personal details (social security numbers, addresses, creditworthiness, etc.) have been compromised. Regulations such as the GDPR & PIPL not only clearly state that a person’s personal data belongs to the person, but can also impose significant penalties on companies that fail to adhere to the regulations.
In the US, Europe & China, privacy and data protection are seen as important components. The regulations such as the GDPR & PIPL are intended to guarantee these requirements and are a further development of the previous data protection guidelines. It is high time that other emerging economies enacted such strict regulation to protect the privacy of their citizens and protect the broader social interests.
Institutions that handle citizens’ personal data can meet such governmental requirements by they save & and protect the permitted user data in a compliant manner. Entities can even automate the process of identifying different types of data through a technology that uses data analysis, machine learning, & artificial intelligence (AI) to enable intelligent data cataloging to identify and classify individual data points in large amounts of data. This means companies can easily turn their data lakes into searchable, easy-to-analyze resources, making more effective use of that data and complying with laws like the GDPR & PIPL. The technology already in use in the financial services, pharmaceutical and healthcare industries is designed for on-premise or even public cloud environments.
If you share an interesting article / experience / case study please contact us at [email protected]
Express Computer is one of India’s most respected IT media brands and has been published for 24 years in a row. We cover enterprise technology in all its facets, including processors, memory, networks, wireless, business applications, cloud computing, analytics, green initiatives and anything that can help companies get the most from their ICT investments. In addition, we also report on the rapidly developing e-governance area in India.
Tech Mahindra recognized as a leader in the PEAK matrix assessment of the Everest Group for Software Product Engineering Services 2021
We are going through a radical change with our 4.0 outlook: Kishan Sundar, Maveric …
Express Computer is one of India’s most respected IT media brands and has been published for 24 years in a row. We cover enterprise technology in all its facets, including processors, memory, networks, wireless, business applications, cloud computing, analytics, green initiatives and anything that can help companies get the most from their ICT investments. In addition, we also report on the rapidly developing e-governance area in India.
Keywords:
