Governments and regulators around the world are likely to persist in pushing for greater access to and control over their citizens’ data amid rising incidence of data breach, said Patrice Perche, senior executive vice president for worldwide sales and support, Fortinet.
Governments and regulators around the world are likely to persist in pushing for greater access to and control over their citizens’ data amid rising incidence of data breach, said Patrice Perche, senior executive vice president for worldwide sales and support, Fortinet. I think there is a demand from the user for the right to remould the data that was stored. We see this need spreading across the world. From the government’s perspective, they want to fight these cyber armies that can attack the critical infrastructure in a country and cause a massive outage,” Perche said, adding that governments feel the need to protect not only citizens but also prominent corporates within their jurisdictions from cyber attacks.
At the end of the day, it’s all about the economy. So, overall, there is an increased consciousness among governments to implement data protection norms to protect their citizens as well as industry.” In April 2016, the European Parliament and Council of the European Union (EU) put in place a new set of norms governing data protection and privacy for all individuals within the EU.
Known as the General Data Protection Regulation (GDPR), the norms came into force on May 25 this year. Under the norms, breach notifications are now mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedom of individuals”, according to the GDPR website. “This must be done within 72 hours of first having become aware of the breach,” the site said. Last month, Apple chief executive Tim Cook made a case for a US version of GDPR while speaking at an international conference of data protection and privacy commissioners.
Closer home, the Reserve Bank of India (RBI) in April released a master circular mandating the storage of payments data of all Indian citizens exclusively within India. Despite furious lobbying by the US India Business Council (USIBC) and firms such as Visa, Mastercard and Facebook, the Indian central bank refused to soften the norms or allow for data mirroring outside India. The new data localisation norms came into effect on October 15.
When it comes to policymakers, they like to follow one another’s successes. GDPR is an example of that. I expect to see more of hyperlocalisation, absolutely,” said Derek Manky, global security strategist, Fortinet. The problem with policymaking, however, is that it moves quite slow, while threats move fast, Manky said. “So that’s something that needs to be reconciled in the future.” (Travel for this report was sponsored by Fortinet)