From Vision to Visibility and the growing momentum of GDPR
“Wow, that was amazing!”
Not my words, but those of a guest speaker we had brought over from the UK to co-present in our Executive Forum and General Sessions on the subject of Data Privacy, specifically the takeaways for businesses on the new General Data Protection Regulation (GDPR).
We had just left the morning keynotes and she had (a) never been to Las Vegas and (b) never been to a large IT conference, so it was great to hear the positive feedback and her genuine excitement from the high energy video and opening from our CMO Lynn Lucas, to the interesting and insightful keynote delivered by our CEO Bill Coleman.
It was a great start to an amazing event, and our first as an independent company. The branding, attention to detail and visual wrap that had been given to the venue really made you feel that 'We are back' and the morning session paved a great foundation for two days to showcase how we will execute on the story we have been building. Two customers to my right echoed that when the launch of Information Map and NetBackup (NBU) was made, “That’s great, this is really good news”. Praise from the audience is always good to hear. I enjoyed walking around Vision City to catch up with colleagues from far and wide and share in how far we have come – and where we are going in the future. Exciting times.
Our guest speaker was joined by our Legal Director, Global Legal Affairs, Tamzin Evershed, to deliver an insightful and well received session on the GDPR and Privacy Shield. They covered the complex landscape with a refreshing approach and left the audience with ten top takeaways that need to be implemented before the new rulings become law in May 2018. Many questions followed both sessions, from CIO to Storage Architect as the scale of how diverse personal data has become in the digital age and how it will need to be treated in the future.
Straight after Vision, Tamzin attended the International Association of Privacy Professionals (IAPP) conference in San Jose, CA. where privacy, security and risk were the key themes. Her summary thoughts proved very interesting; “As a conference where speakers and attendees were predominantly Americans, it was interesting to see the different approach that the US takes to privacy regulation. Clearly US privacy professionals are taking the demands of the GDPR very seriously and there were plenty of presentations to help them on their way. The star attraction was none other than Monica Lewinsky, who was able to bring home to all of those present how devastating it can be to find yourself in the position where the public interest, no matter how prurient, can override your right to a private life.”
After returning to the UK, Veritas launched its latest research findings in a fascinating report titled “The Data Hoarding Report”, which focused on the sheer scale and diversity of how much data is retained by both individuals and companies alike – some worthwhile, but the majority a burden to IT storage systems and a potential risk to compliance and legal departments - a feeling echoed by Baker and McKenzie.
This issue was highlighted at the end of September when the new Information Commissioner for the UK, Elizabeth Denham gave her first public speech since being appointed in July. “Businesses must be more honest about personal data”. It came on the back of the Information Commissioners Office investigating a number of high profile tech companies for how they handle and share personal data and especially a high profile breach reported in the national press. But being prepared for privacy does not have to be seen as a burden and her closing remarks resonated with my own feelings. “We can – and must – have privacy and innovation”.
How far and wide will the privacy laws go? An indication of this was confirmed this week when the Court of Justice of the European Union (CJEU) ruled that dynamic IP addresses constitute personal data – a decision that will have significant practical implications.
How are you preparing for GDPR? What steps have you taken to become compliant? Please leave your thoughts on GDPR in the comments box below.