30% of EU businesses fail GDPR compliance

A new survey of EU firms by RSM has discovered that 30% admitted that they fail GDPR compliance – and that a further 13% were not certain whether they are compliant or not. This leaves only 57% confident in their data protection processes.

This is worrying news given that it has been over a year since GDPR came into force. All of these organisations should have been prepared in advance, and ensured that they were compliant before 25th May 2018.

But because they fail GDPR compliance, they are putting themselves at risk.

As reported by Silicon:

It seems that there is no single issue to blame for non-compliance, but middle market businesses are apparently struggling to understand and implement a whole range of areas covered by the regulation.

 

The survey found that more than a third (38 percent) of non-compliant businesses do not understand when consent is required to hold and process data, 35 percent are unsure how they should monitor their employees’ use of personal data and 34 percent don’t understand what procedures are required to ensure third party supplier contracts are compliant.

 

The good news however is that despite the lack of compliance, GDPR is starting to have a positive impact on cyber security.

 

According to RSM, almost three quarters (73 percent) of European businesses say GDPR has encouraged them to improve the way they manage customer data and 62 percent say it has seen them increase their investment in cyber security. But alarmingly 21 percent of businesses admit that they still have no cyber security strategy in place.

You can read the full article here: https://www.silicon.co.uk/security/security-management/third-not-gdpr-compliant-272411

It therefore seems as if GDPR’s overall effect so far has been mixed. But with fines starting to appear thanks to GDPR – with British Airways recently receiving a record penalty of £183 million from the ICO – firms need to start taking their compliance more seriously.

We would always advise that data protection should be by design and default. Aside from the potential financial dangers of not being GDPR compliant, these firms are also risking a loss of trust from their customers and not being as efficient as they could be.

If you’re concerned that your organisation fails GDPR compliance, or want to further improve your data protection procedures and therefore your efficiency, click here to contact us today and find out more about our GDPR consultancy packages.

Smartphone apps can be listening in to your conversations at any time

Is your smartphone listening to your conversations? I’ve had a lot of creepy experiences lately, where a verbal conversation I’ve had with someone is suddenly being reflected in the adverts being served up to me by my Android smartphone. For example, someone asked me about who Help For Heroes were, so I explained it – and then what was the very next advert to show up on my phone, after never being considered or searched for before using that device or any other?

Mental health support for ex-servicemen. Just one of many. So I started digging to find out more about how this is happening – and whether anyone genuinely has the rights to listen in to my conversations.

As it turns out, it’s not a conspiracy theory. It’s been discovered that your smartphone really is listening in and collecting data about you. Hundreds of smartphone apps are using a technology from a company called Alphonso, which accesses a phone’s microphone to collect advertising data.

Alphonso’s software seems to be particularly focused on a user’s TV-watching habits. It listens in on the phone’s local environment, and receives audio samples which it compares to commercial content. If a match is found, it will then attempt to deliver targeted ads for that same content to your phone.

There are obvious concerns here regarding data protection. Although Alphonso states that its software doesn’t record conversations, and that consent is given by users by agreeing to each app’s privacy policy, there are still questions to be answered about whether its actions are in contravention of data protection laws.

Did these apps genuinely get our specific, informed, granular consent to do this? And is this consent retractable? If not, then it would appear that this kind of data collection doesn’t conform to GDPR.

If you want to prevent your smartphone listening to your conversations, there are several things you can do to safeguard your data. Most crucially, you need to control permissions for your smartphone’s microphone:

  • For iOS, go to Settings -> Privacy -> Microphone
  • For Android, go to Settings -> Apps -> App Permissions

So I changed the permissions of which apps could use my phone’s microphone. Now the ads I see are stuck in a timewarp – still trying to flog the same things they were a month ago. So, you win some… you lose some!
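To check the Android microphone permission described above for every app at once, the grants can be read from the package manager's dump over adb. This is an added example, not part of the original post: it assumes adb with USB debugging enabled, and the sample dump and package names are constructed for illustration (the exact dump layout can differ between Android versions).

```shell
#!/bin/sh
# Reads the text of `adb shell dumpsys package` on stdin and prints the
# packages that currently hold android.permission.RECORD_AUDIO.
mic_granted_packages() {
    awk '
        # A package record starts like:  Package [com.example.app] (1a2b3c4):
        /^ *Package \[/ {
            pkg = $0
            sub(/^.*Package \[/, "", pkg)
            sub(/\].*$/, "", pkg)
            next
        }
        # Shared-user records list permissions too; do not pin them on the
        # last package seen.
        /^ *SharedUser \[/ { pkg = ""; next }
        /android\.permission\.RECORD_AUDIO: granted=true/ && pkg != "" {
            if (!(pkg in seen)) { seen[pkg] = 1; print pkg }
        }
    ' | sort
}

# Constructed sample of the dump layout, so the parser can be tried offline.
sample_dumpsys() {
    cat <<'EOF'
Packages:
  Package [com.example.voicenotes] (1a2b3c4):
    userId=10123
    runtime permissions:
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET ]
  Package [com.example.torch] (5d6e7f8):
    runtime permissions:
      android.permission.CAMERA: granted=true
      android.permission.RECORD_AUDIO: granted=false, flags=[ USER_SET ]
  Package [com.example.game] (9a0b1c2):
    runtime permissions:
      android.permission.RECORD_AUDIO: granted=true
Shared users:
  SharedUser [android.uid.example] (3d4e5f6):
    runtime permissions:
      android.permission.RECORD_AUDIO: granted=true
EOF
}

# On a real device:
#   adb shell dumpsys package | mic_granted_packages
# To withdraw the grant from one app:
#   adb shell pm revoke <package> android.permission.RECORD_AUDIO
```

Running `sample_dumpsys | mic_granted_packages` lists the two constructed apps with an active grant and skips the one where it was denied.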

Want to find out more about GDPR and data protection? Click here for all the information you need…