More than half of senior IT managers said in a survey that new EU rules on data protection will end up costing their businesses.
A survey of 100 senior IT managers in large UK enterprises across the financial services, manufacturing, retail, distribution/transport and other commercial sectors found that 56 per cent of respondents believed that the proposed regulations would cost them financially.
Forty per cent believed that the proposed 24-hour deadline for notifying individuals of a data breach would advertise security weaknesses before an appropriate security review could be completed. More than a third (36 per cent) said they fear "false alarms" from pressures to notify of data breaches quickly to avoid fines, while 26 per cent envisaged their enterprise outsourcing the required data protection officer role.
Despite the negativity on the costs, 64 per cent felt that the proposed regulations would improve business security processes and consumer data protection.
Carl Shallow, head of compliance at SecureData, which conducted the survey, said: “Across the enterprise questions must be asked about exactly what sensitive data is and where it resides. There is frequently an abundance of ‘lost' unstructured data siloed across the largest organisations' IT estates. The new act is an ideal opportunity to review data governance procedures and management solutions.”
One of the controversial proposals promises internet users the "right to be forgotten", which would allow people to ask for data about them to be deleted. Organisations will have to comply unless there are "legitimate" grounds to retain it.
Ehud Furman, founder and CEO of Veribo, which launched a service this week to help individuals and businesses protect and manage their reputations online via managed search results, said it was great that there had been discussion about online privacy, but little action had been seen.
“Viviane Reding should be applauded for bringing to light the need for greater control over our data on the internet, and the right to be forgotten is the first step towards enforcing such control. But more needs to be done. The launch of Veribo brings a cost-effective and guaranteed solution to European businesses and individuals for whom the only solutions available have been expensive SEO campaigns or legal action, until now,” he said.
Shallow said: “Consumers may have a right to be forgotten, but hard-working growth businesses have a right to be remembered. The new internet economy is vital to Europe's economic recovery and the need for increased data protection must be finely balanced with freedoms for technological and business-model innovation. Fears over unintended collateral damage from this legislation clearly need to be reviewed.”