Understanding the New European Data Protection Rules

Compared to the US, European data and privacy protection rules seem Draconian. The European rules apply to any enterprise doing business in the EU. The new rules are far more stringent than the last set. This book is a quick guide to the directives for companies, particularly US companies, that have to comply with them. Where US organizations and businesses that collect or receive EU personal data fail to comply with the rules, the bottom line can suffer from very significant official fines and penalties, as well as from users, customers or representative bodies pursuing litigation. This guide is essential for all US enterprises that directly or indirectly deal with EU personal data.

508 pages, ebook

Published September 20, 2017


About the author

Paul Lambert

65 books, 2 followers
Lawyer, Adjunct Lecturer, Writer


Community Reviews

5 stars: 1 (33%)
4 stars: 1 (33%)
3 stars: 1 (33%)
2 stars: 0 (0%)
1 star: 0 (0%)
Ben Rothke
351 reviews, 50 followers
July 17, 2018
With some license, in Understanding the New European Data Protection Rules, author Paul Lambert has written the Stephen King of information security books. Here, Lambert details the horrors and monstrosity that is GDPR. The regulation opens a Pandora's box of information security and privacy requirements that firms will have to deal with.

For those not familiar, GDPR is the General Data Protection Regulation. A regulation from the European Union, it’s meant to strengthen data protection for EU citizens. It goes into effect in May 2018. For those that want to know more about the GDPR, there’s no shortage of information on the web. Most security vendors have white-papers detailing how their products can help with the GDPR headaches.

The entire 261-page regulation can be downloaded from the GDPR portal here. For many who’ve read the regulation, it can seem like it is not a huge endeavor. Read this book, and you’ve just become Freddy Krueger’s CISSP buddy.

Part of the rationale for GDPR is to have a single regulation, rather than many, which require significant duplication of effort. Businesses will only have to deal with this single regulation, rather than myriad others. GDPR is estimated to save businesses over €2.5 billion annually.

First off, GDPR is not just another regulation. It’s a rights-based regulation which changes the data dynamic such that individuals have significantly more rights to their data. Each right creates corresponding requirements that businesses must deal with to ensure they are compliant. GDPR establishes data protection rights as fundamental legal rights.

Some of the rights that GDPR includes are the right to rectification, the right to erasure and to be forgotten, the right to prevent direct marketing processing, and much more. Every GDPR right creates a huge set of obligations that enterprises must deal with.

An example of a daunting aspect of GDPR is the extra-territoriality clause. This means that even though GDPR applies only to EU citizens, a non-EU organization can still be in-scope for GDPR if it offers goods or services to individuals in the EU. This is just one example of hundreds.

In Understanding the New European Data Protection Rules, Lambert shows that GDPR will be the information security equivalent of Halloween for the future. No candy, just lots of spine-chilling regulatory requirements.