GDPR

Data privacy regulators in GCC countries get more muscles to flex

Authorities in the Gulf Cooperation Council (GCC) countries are looking to tighten their data privacy laws and give more teeth to regulators after the introduction of EU’s General Data Protection Regulation (GDPR).Privacy regulations around the world protect the rights of the individual’s data for fair and lawful collection and use of their personal information by…


Authorities in the Gulf Cooperation Council (GCC) countries are looking to tighten their data privacy laws and give more teeth to regulators after the introduction of EU’s General Data Protection Regulation (GDPR).

Privacy regulations around the world protect the rights of the individual’s data for fair and lawful collection and use of their personal information by organisations.

Qatar launched its Privacy and Protection of Personal Data Law in 2016 while Bahrain implemented its data privacy law on August 1 this year. The UAE is expected to implement the law this year and Saudi Arabia by next year. The only countries left are Oman and Kuwait.

Phil Mennie, director for digital trust at consultancy firm PwC, said that the demand for privacy expertise exploded after the introduction of GDPR.

 “We are seeing a lot of changes across the GCC region and a lot of privacy laws are coming in,” he said.

“Large organisations are impacted by the GDPR but we observed, unlike in Europe where privacy has been a topic for a very long time, in the Middle E

Read More

Be the first to write a comment.

Leave a Reply

GDPR

Firms in EMEA take two days less than global average to detect a cyber incident

Organisations in Europe, Middle East and Africa (EMEA) are two days better than the global average of 56 days to detect a cyber incident as organisations are detecting and containing attacks faster.In EMEA the median dwell time fell by 69.5% to 54 days in 2019 compared to 177 days in 2018.FireEye Mandiant M-Trends 2020 Report…

Organisations in Europe, Middle East and Africa (EMEA) are two days better than the global average of 56 days to detect a cyber incident as organisations are detecting and containing attacks faster.

In EMEA the median dwell time fell by 69.5% to 54 days in 2019 compared to 177 days in 2018.

FireEye Mandiant M-Trends 2020 Report showed that organisations have put more emphasis on GDPR and increasing focus on security due to the ongoing challenges organisations face from sophisticated threat actors.

The global median dwell time decreased by 28% to 56 days in 2019 compared to 78 days last year.

Dwell time is calculated as the number of days an attacker is present in a victim network before they are detected. The median represents a value at the midpoint of a data set sorted by magnitude.

Internal detection, when an organisation independently discovers that it has been compromised, fell 40.6% to 30 days compared to 50.5 days in 2018 while external notification, when an outside entity informs an organisation that it has been compromised, also fell by 23.37% to 141 days compared to 184 days in 2018.

For the first time in four years, external notifications ex

Read More

Continue Reading
GDPR

Thanks to Brexit, British Google user data will be moved to U.S.

Using Google in the UK? Your data is about to move under U.S. jurisdiction thanks to Brexit. Google is moving where it controls British user data from Ireland, where the company’s Europe headquarters is located, back to the U.S. following Britain’s exit from the EU.  The tech giant told Mashable that UK users will still…

Using Google in the UK? Your data is about to move under U.S. jurisdiction thanks to Brexit.

Google is moving where it controls British user data from Ireland, where the company’s Europe headquarters is located, back to the U.S. following Britain’s exit from the EU. 

The tech giant told Mashable that UK users will still be covered by the EU’s fierce General Data Protection Regulation (GDPR), which has been in effect since May 2018, and that nothing would change in terms of privacy management. But it’s not that straightforward.

“Like many companies, we have to prepare for Brexit,” said a Google spokesperson in a statement to Mashable. “Nothing about our services or our approach to privacy will change, including how we collect or process data, and how we respond to law enforcement demands for users’ information. The protections of the UK GDPR will still apply to these users.”

The move was first reported by Reuters, which

Read More

Continue Reading
GDPR

UK Google users to lose EU data protection

In the aftermath of Brexit, Google plans to shift UK accounts outside the control of European Union privacy regulations, and under US jurisdiction instead.The move is expected to make information more accessible to UK law enforcement, and leave data with less robust protection than is afforded by EU standards.GDPR, or forge its own data handling…

In the aftermath of Brexit, Google plans to shift UK accounts outside the control of European Union privacy regulations, and under US jurisdiction instead.

The move is expected to make information more accessible to UK law enforcement, and leave data with less robust protection than is afforded by EU standards.

GDPR, or forge its own data handling regulations.

  • Google accused of secretly tracking users across the web
  • Avast reportedly sold user web browsing data
  • Your email provider might be selling your personal data

Google will require UK users to accept new terms of service, including the move to a new jurisdictio

Read More

Continue Reading
GDPR

Why multinationals prefer to take GDPR as baseline for global compliance?

Rolling out General Data Protection Regulation (GDPR) compliance framework as a standard can be operationally simpler for global organisations and may also help to reduce the level of privacy risk, including in non-EU countries, said an industry expert.  “The GDPR’s strict requirements on data breach handling are well known, in particular, the requirement to report personal…

Rolling out General Data Protection Regulation (GDPR) compliance framework as a standard can be operationally simpler for global organisations and may also help to reduce the level of privacy risk, including in non-EU countries, said an industry expert.

  “The GDPR’s strict requirements on data breach handling are well known, in particular, the requirement to report personal data breaches to regulators within 72 hours of becoming aware (unless the breach is unlikely to result in a risk). Depending on the level of risk, breaches may also need to be notified to individuals,” Joanna de Fonseka, Senior Associate for Technology/Commercial at Baker McKenzie Habib Al Mulla, told TechRadar Middle East.

GDPR was introduced in May 2018 and it has had a significant impact on personal data protection.

According to law firm DLA Piper, GDPR has led to over 160,000 data breach notifications across Europe and has imposed about $126 million in fines under the GDPR regime till January for a wide range of GDPR infringements, not just for data breaches.

France, Germany and Austr

Read More

Continue Reading