Max Schrems began a cause to protect the Personal Data of Citizens by initiating court action against some of the FAANG companies for Data Privacy Violations. Is a Yelp like Data Privacy Compliance Portal for Citizens an appropriate equalizer against corporate giants? Now is the time for firms of all sizes to consider if the average Citizens will follow Mr. Schrems’ example by grouping together and initiating similar court action to recover real damages and punitive damages from other corporations. These court activities may not depend on the existence of data regulatory laws in the country of origin but upon demonstrating that a firm has been negligent in protecting personal data collected by them.
Will some charismatic evangelist be able to bring together groups of citizens to fund such activity and initiate court cases that have potential to be decidedly detrimental to your firm? Perhaps this has not happened as yet because of the difficulty in demonstrating that a firm has exposed personal data in its environment?
Unfortunately, there are a few affordable technologies available that can easily discover Personal Data that has not been protected through encryption or other methods in a data environment. It is impossible to predict under what conditions companies will be obligated to provide large random samples of their data to defend themselves in court. How will they win a court decision if a computer application points directly to the exposed personal data?
Clever legal minds will eventually discover the existing products that will provide the evidence needed for them to win cases that brings them national acclaim and large revenue judgements.
I know these technologies exist, are not difficult to use and are not too expensive to license. However, I am suggesting you get ahead of the potential problem by using these same technologies in your own environment to begin protecting personal data and yourself from Regulators and organized citizens.
GDPR Regulators have stated that just having a plan to protect data and identifying existing vulnerabilities will strongly and positively influences Regulators when auditing a company after they have been hacked or a whistle blower; perhaps it will have a similar impact in courtroom decisions.
To be direct, I have developed software that performs Regulatory Compliance Discovery & GDPR DPIA / Auditing functions in just days / weeks, can deliver tangible results to indicate your ability to pass a GDPR audit & give your legal staff information to gauge your vulnerability to court activity. This Technology will validate your company’s compliance exposure & suggest methodologies and procedures as well as remediate (encrypt) to diminish compliance risks and simultaneously reduce legal risk.
To assist both Citizens and Companies to work together in a synergistic manner, we are considering a collaborative portal for Citizens to share experiences, documents, validations and personal encounters where their personal data may have been put at risk. The portal will provide companies with a means to view this information, so they may work with consenting Citizens on these matters. The company will have the opportunity to determine if the issues are wide spread or isolated instances and will provide companies with an early indication of their difficulties before they are hacked, discovered by Regulators or brought to court by activists. https://gdprapplication.blog/ https://gdprcompliacnymaster.blog/