As May 25 draws nearer, there has been a lot of talk about GDPR (General Data Protection regulation) and its effects. Companies should invest in securing both customers and other stakeholders personal data, but not just because of looming sanctions, but because GDPR is a glimpse of the future. The positive changes GDPR brings will prepare us for the age where we need to solve the challenges connected with ever-expanding global connectivity.
Data privacy is nothing new. This being said, GDPR is an important step towards unifying privacy laws in Europe and an opportunity for all of us to improve our processes related to the collecting and processing data. This opportunity should be taken seriously – and not just because there are sanctions involved with non-compliance. Unlike most topics or developments relating to society, data protection and privacy are ones we are able to predict and prepare for.
The need for privacy is in most respects our own creation. The internet and social media have transformed the way we live our lives. We are now experiencing the downside of global connectivity: how to control sensitive information from those who want to misuse it? As data is the new oil and information the weapon of choice, more steps will have to be taken to ensure everyone’s privacy and security – from individuals to nations as a whole.
At its core GDPR makes us rethink how we collect and process personal data. Security and the right to privacy should be a part of system design from the start and not only system add-ons. This means we shouldn’t buy security services to safeguard an already completed process, but create processes with security concerns in mind. I, for one, welcome this change in perspective.
GDPR has meant a lot of work for most organizations, but I believe this shift in perspective results in innovation and preparedness to answer future obstacles such as cyber threats, alongside its main goal of strengthening individual rights to their personal data. We at Fortum also see the positive in GDPR, and have taken the changes seriously – as every responsible company should.
Arto Räty
SVP, Corporate Affairs and Communications