Today, just over two years after its entry into application, the European Commission published an evaluation report on the General Data Protection Regulation (GDPR). The report shows the GDPR has met most of its objectives, in particular by offering citizens a strong set of enforceable rights and by creating a new European system of governance and enforcement. The GDPR proved to be flexible to support digital solutions in unforeseen circumstances such as the Covid-19 crisis. The report also concludes that harmonisation across the Member States is increasing, although there is a certain level of fragmentation that must be continually monitored. It also finds that businesses are developing a compliance culture and increasingly use strong data protection as a competitive advantage. The report contains a list of actions to facilitate further the application of the GDPR for all stakeholders, especially for Small and Medium Sized companies, to promote and further develop a truly European data protection culture and vigorous enforcement.
Věra Jourová, Vice-President for Values and Transparency, said: “Europe’s data protection regime has become a compass to guide us through the human-centric digital transition and is an important pillar on which we are building other polices, such as data strategy or our approach to AI.The GDPR is the perfect example of how the European Union, based on a fundamental rights’ approach, empowers its citizens and gives businesses opportunities to make the most of the digital revolution. But we all must continue the work to make GDPR live up to its full potential.”
Didier Reynders, Commissioner for Justice, said: “The GDPR has successfully met its objectives and has become a reference point across the world for countries that want to grant to their citizens a high level of protection. We can do better though, as today’s report shows. For example, we need more uniformity in the application of the rules across the Union: this is important for citizens and for businesses, especially SMEs. We need also to ensure that citizens can make full use of their rights. The Commission will monitor progress, in close cooperation with the European Data Protection Board and in its regular exchanges with Member States, so that the GDPR can deliver its full potential.”
Key findings of the GDPR review
Citizens are more empowered and aware of their rights: The GDPR enhances transparency and givesindividuals enforceable rights, such as the right of access, rectification, erasure, the right to object and the right to data portability. Today, 69% of the population above the age of 16 in the EU have heard about the GDPR and 71% of people heard about their national data protection authority, according to results published last week in a survey from the EU Fundamental Rights Agency. However, more can be done to help citizens exercise their rights, notably the right to data portability.
Data protection rules are fit for the digital age: The GDPR has empowered individuals to play a more active role in relation to what is happening with their data in the digital transition. It is also contributing to fostering trustworthy innovation, notably through a risk-based approach and principles such as data protection by design and by default.
Data protection authorities are making use of their stronger corrective powers: From warnings and reprimands to administrative fines, the GDPR provides national data protection authorities with the right tools to enforce the rules. However, they need to be adequately supported with the necessary human, technical and financial resources. Many Member States are doing this, with notable increases in budgetary and staff allocations. Overall, there has been a 42% increase in staff and 49% in budget for all national data protection authorities taken together in the EU between 2016 and 2019. However, there are still stark differences between Member States.
Data protection authorities are working together in the context of the European Data Protection Board (EDPB), but there is room for improvement: The GDPR established an innovative governance system which is designed to ensure a consistent and effective application of the GDPR through the so called ‘one stop shop’, which provides that a company processing data cross-border has only one data protection authority as interlocutor, namely the authority of the Member State where its main establishment is located. Between 25 May 2018 and 31 December 2019, 141 draft decisions were submitted through the ‘one-stop-shop’, 79 of which resulted in final decisions. However, more can be done to develop a truly common data protection culture. In particular, the handling of cross-border cases calls for a more efficient and harmonised approach and an effective use of all tools provided in the GDPR for the data protection authorities to cooperate.
Advice and guidelines by data protection authorities: The EDPB is issuing guidelines covering key aspects of the Regulation and emerging topics. Several data protection authorities have created new tools, including helplines for individuals and businesses, and toolkits for small and micro-enterprises. It is essential to ensure that guidance provided at national level is fully consistent with guidelines adopted by the EDPB.
Harnessing the full potential of international data transfers: Over the past two years, the Commission’s international engagement on free and safe data transfers has yielded important results. This includes Japan, with which the EU now shares the world’s largest area of free and safe data flows. The Commission will continue its work on adequacy, with its partners around the world. In addition and in cooperation with the EDPB, the Commission is looking at modernising other mechanisms for data transfers, including Standard Contractual Clauses, the most widely used data transfer tool. The EDPB is working on specific guidance on the use of certification and codes of conduct for transferring data outside of the EU, which need to be finalised as soon as possible. Given the European Court of Justice may provide clarifications in a judgment to be delivered on 16 July that could be relevant for certain elements of the adequacy standard, the Commission will report separately on the existing adequacy decisions after the Court of Justice has handed down its judgment.
Promoting international cooperation: Over the last two years, the Commission has stepped up bilateral, regional and multilateral dialogue, fostering a global culture of respect for privacy and convergence between different privacy systems to the benefit of citizens and businesses alike. The Commission is committed to continuing this work as part of its broader external action, for example, in the context of the Africa-EU Partnership and in its support for international initiatives, such as ‘Data Free Flow with Trust’. At a time when violations of privacy rules may affect large numbers of individuals simultaneously in several parts of the world, it is time to step up international cooperation between data protection enforcers. This is why the Commission will seek authorisation from the Council to open negotiations for the conclusion of mutual assistance and enforcement cooperation agreements with relevant third countries.
Aligning EU law with the Law Enforcement Directive
In addition, the Commission has today also published a Communication that identifies ten legal acts regulating processing of personal data by competent authorities for the prevention, investigation, detection or prosecution of criminal offences which should be aligned with the Data Protection Law Enforcement Directive. The alignment will bring legal certainty and will clarify issues such as the purposes of the personal data processing by the competent authorities and what types of data may be subject to such processing.
The GDPR foresees that the Commission reports on the evaluation and review of that Regulation, starting with a first report after two years of application and every four years thereafter.
The General Data Protection Regulation is a single set of rules of EU law on the protection of individuals with regard to the processing of personal data and on the free movement of such data. It strengthens data protection safeguards, provides additional and stronger rights to individuals, increases transparency, and makes all those that handle personal data more accountable and responsible. It has equipped national data protection authorities with stronger and harmonised enforcement powers, and has established a new governance system among the data protection authorities. It also creates a level playing field for all companies operating in the EU market, regardless of where they are establish, ensures the free flow of data within the EU, facilitates safe international data transfers and has become a reference point at global level
As stipulated in Article 97(2) of the GDPR, the report published today covers in particular international transfers and ‘cooperation and consistency mechanism’, although the Commission has taken a broader approach in its review, in order to address issues raised by various actors during the last two years. These include contributions from the Council, the European Parliament, the EDPB, national data protection authorities and stakeholders.
Antivirus and Firewall “Security” Measures are OBSOLETE in 2021 – and it’s getting worse
“Just Because You’re Paranoid Doesn’t Mean Someone Isn’t Trying to Hack You.”
Last year was “perhaps the most active year in memory” with regard to cyberattacks, according to Sunnyvale, California-based cybersecurity technology company CrowdStrike, a respected firm providing cyberattack response services, threat intelligence, and an annual Global Threat Report (paywall) on the state of web security. The world went through hell with Covid in 2020, but for web miscreants, the year was awesome as they preyed on our misery, pretending to offer information, and impersonating important global pandemic responders such as the U.S. Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO). Malicious actors had a phishing field day in 2020 – which, naturally, works best when there an emotional connection. How many times have we heard of someone losing money to fraud after getting an email from a “friend in distress”?
Of course, it’s a good bet that CloudStrike’s 2022 report will list ’21 as the “most active year” since…well, the year before. Moore’s Law and all the fun math of exponentiality doesn’t only apply to things we enjoy such as Apple’s M1 processor, but also to the malware, cyberattacks, and security breaches that come with technological advances. Nearly every, if not every, electronic device that has an internet connection can be hacked; and can often be hacked when it’s either on or offline.
Many are switching to safe browsers such as Firefox Focus or Qustodio Free. Experts, however, are recommending adding even more layers of protection to your digital life by installing a safe browsing app that works with all the big browsers. Safe browsing apps – many of which are free to download – double-check that the site you’re visiting is legit, vet and scan apps and files in real-time, protect your Wi-Fi network, offer anti-phishing protection, and allow you to build a “blacklist” of sites you want blocked – keeping your kids safe from “adult content.” Using a safe browser app is proactive – stopping things before they happen, not catching them after the fact.
So-called “malicious actors” (simply put: bad guys) have and are stepping up their game. CloudStrike’s report noted that in 2020, there was a significant increase in extortion and blackmail techniques all nicely bundled into ransomware operations. The security firm warns that 2021 will likely see more of what it terms, “big game hunting” – e-criminals going after larger firms as the potential return is larger. Also of interest was a note on malicious actors forming alliances; working in tandem to level up and coordinate their attacks.
However, even if you don’t happen to be the CEO of a large corporation with data that would be worth ransoming, cybersecurity gurus are warning anyone with a computer to start realizing that “the good old days” of flying under the radar with half-baked security measures are gone for good – you might not even be the target but could end up being used by identity thieves to cause serious harm to a friend or acquaintance. You don’t need to be “someone” or even have valuable data to be targeted, and to think otherwise is to fundamentally misunderstand how wild the web of the 2020s has become. Think back to the last time a friend of yours told a tale of their account being hacked. Weren’t you somewhat surprised as they aren’t famous or rich? – When was the last time you gave serious thought to the safety of your personal data? If your company hired a “white hat” to stress test your firm’s web security, how well do you think it would hold up? The question ‘Is this website safe?’ is getting harder to answer.
Too many downplay the risks of a data breach. “Why would anyone want my ‘boring’ info?” people ask. Well, there are serious reasons such as identity theft, fraud, or phishing attempts, but there’s also a lot of money to made in collecting information. Harvesting data is big business. They’ll take info on everything from the language you use, your screen resolution, operating system, time zone, active plugins, browser type…you name it. By breaking down you – and the millions of others like you – into data points that can be categorized, you are now a target for precision missile advertising strikes. Being tracked keystroke by keystroke as you shop, bank, email, and enjoy online entertainment isn’t just creepy; it’s potentially dangerous. Predators prey on the weak. Why allow yourself to be a target?
There are some scary stats out there: 300,000 new pieces of malware are reportedly created every day. Cybercrime is more profitable than the illegal drug trade! Over 60 percent of businesses that get hacked say they aren’t sure they’ll ever fully recover. Anti-virus software or firewalls are as effective as a sieve, etc. It’s human nature to overestimate one’s web knowledge. Sure, you don’t click on links that look fishy and, heck, you might have even ponied up for a VPN (Virtual Private Network). A VPN, however, only conceals your location, data-in-transit, and IP address. VPNs are not the fortresses we think they are, however. Via browser fingerprinting (look that term up if you’ve never heard of it) a leak that shows your online identity is still a possibility. You need multiple layers of protection, and you need them now. To paraphrase a famous quote, “You Might Be Paranoid, but that Doesn’t Mean Someone Isn’t Trying to Hack You.”
Moscow innovation ecosystem became prize-winner of Quality Innovation Award 2020
The Moscow Innovation Ecosystem program dedicated to testing innovative solutions became a prize-winner of the international Quality Innovation Award Forum in the Public Sector Innovations category.
The program lets designers test their technologies at the city and business sites. Over 50 draft solutions were tested in the course of the program existence.
The program makes it possible for designers to test their technologies at the city and business sites before being released to the market, and for the authorities and potential contractors — to analyze the effectiveness of those technologies.
‘The project makes it possible to study Russian and international practices in the field of smart cities and state management, analyze impact of different technologies on the quality of life in the city. Piloting of projects helps evaluate the practical use of new solutions for citizens,’ remarked Eduard Lysenko, Minister of the Moscow Government, Head of the Moscow Department of Information Technologies.
Among those tested projects are a self-driving taxi, a hand exoskeleton, a spatial reasoning system for persons with sight disability, VR-technologies in education, an application for museum visitors that allows uploading information about exhibits to a smartphone.
‘The jury of the competition underlined the unique conditions that Moscow created for the authors of high-tech solutions. The prize-winner program gives designers a chance to test the viability of their solutions and get comprehensive feedback from the target audience. Last year, we got over 600 requests from entrepreneurs for testing various products,’ Natalya Sergunina, Deputy Mayor of Moscow said.
The framework of the program lets the dedicated specialists choose the most promising and urgent projects. Once the project is chosen, a testing site shall be determined.
‘Thanks to the Moscow innovation ecosystem, the capital of Russia is one of the most active cities in terms of innovations that undergo testing. Today, over 100 state and business sites participate in the program. Banks, retail chains, communication services providers, production enterprises, medical institutions, high schools, IT corporations and other companies are among them,’ added Alexey Fursin, Head of the Moscow Department of Entrepreneurship and Innovative Development.
While testing, the designers get the expert support, access to the infrastructure in order to test the solution practically with many potential users and recommendations for adapting the product for certain clients.
The Quality Innovation Award has been held since 2007 by Finnish Association for Quality in cooperation with partner companies from Russia, China, Czechia, Estonia, Hungary, Israel, Latvia, Lithuania, Serbia, Spain, Sweden and other countries. Over 400 innovations were submitted for awarding in 2020, 25 of them were prized.
The Moscow Agency of Innovations is the operator of the pilot innovation testing program. It unites representatives of the authorities and business society with technological companies so that they could jointly create, testing implement innovative solutions.
Checking People: Why a Background Review Service Could Save Your Company
From “sins of omission” to full-on deception; professional “Check People” help uncovers all
The Oscar-winning drama “Parasite” by Korean director Bong Joon Hodepicts a family using Photoshop and other techniques to forge documents and gain employment from a wealthy couple as tutors, a housekeeper, and a driver. In the film, the obscenely wealthy and horribly naïve couple trust a single reference from a trusted friend – and forego background checks. The story does not end well; to say the least.
These days, a claim you graduated from Harvard is very likely going to be double-checked; but it’s the more minor claims that sometimes slip through the cracks. The person who claims to have graduated from Concordia College and University of Delaware, for example. Concordia looks legit and the claim hardly seems worth checking. But how would you feel after you learn that Concordia (sometimes of Delaware, sometimes of Dominica, etc. –They change addresses and websites as needed) is listed as a so-called “diploma mill” that grants degrees based on “life experience.” Concordia will scream to the heavens that it’s accredited and legal, but courts have deemed otherwise and people have gotten into serious legal trouble for using such degrees – some of which cost less than US$300. A comprehensive background check would easily flag such a “graduate.”
Put simply, background checks work by using proprietary algorithms to conduct online searches of public databases as well as deeper inquiries into online content to find a “reel” of data on an individual. Reviews of CheckPeople background check service shows the cost of a serious background check is a pittance when compared to the trouble an unverified person could end up costing a company.Background check service companies might also check the prospective employees’ immediate relatives or even extended family to discover any connections that the person has not disclosed that you would rather know about.
Avoid Legal Troubles and Hits to Your Reputation by Doing Background Checks
Using fake degrees are becoming less common as, you know…Google. But human beings are human beings, and so-called “sins of omission” are too-often the rule rather than the exception. And it’s surprising to learn how common deliberate deception is – one report found that almost 60 percent of all resumes include incorrect, misleading, or otherwise false information. Some things are hard to falsify: a hospital in 2021 is unlikely to, say, hire a fake brain surgeon, but the person who you’re considering for your small or medium-sized business could lead to serious problems – unless you invest in a good background check service. There’s plenty that can be falsified and the way to avoid being burned is by hiring a firm with the know-how and reputation to do a real look into a person’s past.
It might not seem like a big deal when a person falsely claims on a resume that they have been certified in such-and-such an area; until an accident or incident happens in that particular area – opening up your company to lawsuits. “Negligent hiring” is the cause of many a lawsuit claiming negligence due to a company hiring an employee who perhaps falsified an accreditation or certification in some specific area. Employees from janitors to drivers are in positions that could lead to incidents affecting your company. The first thing the lawyer on the other side of the table is going to ask – if an incident should occur is, “Did you run a background check before hiring this individual?” If not, the jugular “negligent hiring” vein is exposed for the claws of legal retribution.
“Trust, But Verify” is a Very Wise Plan: People Don’t Advertise Their Flaws
Many offenses don’t make the news and aren’t uncovered by simple searches. Perhaps there was an altercation with a neighbor that didn’t lead to criminal charges but was reported, and indicates a propensity towards violence. Perhaps there was a write-up by a supervisor over some negligence that, again, didn’t make the papers, but is buried in someone’s deeper background. Perhaps they’ve transgressed in some financial way that is pertinent to your industry. Perhaps they have a substance abuse problem that you’d rather not be liable for.
This is why you need professional help and the best plan is to get a background check that vets thoroughly and completely, giving you peace of mind that there are no old forgotten accounts, blog posts, or other real-life or webskeletons in closets that could do great damage to your company’s reputation.
You will want to use a reputable background check service that ensures no stones are left unturned. Public records such as criminal charges, marriages, divorces, addresses, and other simple things are easy to find, but there are also harder, “deep web” searches. These involve looking into possible aliases, possible unreported presences on social networks, and a boatload of other possibly incriminating data. It’s easy to imagine a simple background check finding a criminal charge, but how easy would it be to find white supremacist comments left by someone using a fake identity on a social media site?
Make Sure the Background Check Company You Hire is Legit
Authentic background check sites offer various financial plans thatsuit your budget. But more important than money; is the background check company itself legitimate? Keep in mind the United States Fair Credit Reporting Act prohibits the use of background checks for potential employees without informing them beforehand and having them agree in writing. Any background check company worth its salt will inform you of the law beforehand.
The main point is simple. People don’t volunteer negatives. Resumes are written to show a person’s most positive aspects. It is therefore incumbent on the employer to run a complete background check. Luckily, we now live in a digital age where it’s become easier than ever to instantly uncover traces of information that just a few decades ago would have been nearly impossible to uncover – if you invest in a complete background check from a reputable source.
The Only Wealth, There’s in Man
The famous quote of Jean Bodinprovide us with an important visualization about the human capital in developing countries, in order...
Hybrid Warfare Against Pakistan: Challenges and Response
The term ‘hybrid warfare’ entered the strategic lexicon in the early 21st century despite having been practiced in various forms...
Twentieth century was a century of great events and developments in every part of human life. The century is marked...
UNEA-5 ends with clear message: act now to tackle planetary crises
The virtual Fifth Session of the UN Environment Assembly ended on Tuesday with a clear message: our fragile planet needs more...
The European Union and Russia: To talk or not to talk and about what?
The recent visit of the High Representative of the European Union Josep Borrell to Moscow was seen by those, who...
Getting Away With Murder: The New U.S. Intelligence Report on the Khashoggi Affair
It was October 2, 2018 when a man walked into the Saudi Arabian consulate to collect some documents he needed...
Why Did States Sign NPT Treaty As Non-Nuclear Weapon States
Following the inception of the “Treaty on the non-proliferation of nuclear weapons NPT” in 1967, about 186 states signed NPT...
Americas3 days ago
U.S. Climate Policy Could Break the Ice with Russia
South Asia3 days ago
Ancestral Lineage of Hazaras: from Afghanistan to Pakistan
Economy3 days ago
Kickstarting the U.S. Economy: A Rebound or Further Inequity?
Middle East3 days ago
Will the New Interim Government Lead Libya Out Of A Long-Standing Crisis?
Economy3 days ago
Brighter Future Waits Ahead
Eastern Europe2 days ago
Caspian: Status, Challenges, Prospects
Green Planet3 days ago
Climate politics and the future of carbon emissions
Americas2 days ago
Rejoining the UNHRC will be the State Department’s first diplomatic mistake