CNIL President: GDPR will bring a 'pan-European collaborative effort'.

By Privitar - September 26, 2017

Today, many of our clients are asking how to maintain the delicate balance between maximising usage of data to grow your business on one side, and legal and reputational risk on the other side. The changing regulatory landscape, with the new General Data Protection Regulation (GDPR) on the horizon, adds a further layer of complexity. The only way to ensure compliance at scale, and drive innovation with data in parallel, is with technological controls to protect sensitive and confidential data.

Privitar co-hosted an event at the Accenture office in Paris last week to discuss how disruptive technology solutions can address this challenge. Senior executives from across industries were welcomed by CNIL President Isabelle Falque-Pierrotin. Falque-Pierrotin reassured the audience that CNIL are there to help, and will work alongside companies to ensure that they are adequately prepared. However, she cautioned that whilst the enforcement agencies act autonomously today, once GDPR is in place, it will be a pan-European collaborative effort, through enforcement alliances, and not just up to local agencies to take action.

Keynote speaker Alasdair Anderson, Head of Platforms, Nordea, discussed how the bank is leveraging data governance and privacy investments to accelerate business intelligence. The global banking system has been investing in data management for decades, reacting to the regulatory push for greater control, quality and transparency. The focus for Nordea has been on turning this investment into a competitive advantage, working with, amongst others, Privitar and Waterline Data, to leverage the opportunities the big data revolution has provided.

In order to comply with GDPR, organisations need to know their data. As Kaycee Lai, COO, Waterline Data said, “firstly data professionals need to discover, organise and curate the data, then can they expose the newly organised data for business professionals to use.”

But the big data revolution has also introduced new privacy risks that mean traditional data management approaches need to evolve. The same techniques that yield insight also threaten privacy. And when an unprotected data set is exposed through a breach, the implications are significant and far reaching. Organisations need to 

Privitar CEO, Jason du Preez made the point that organisations are evolving from intuition-based decision making to become increasingly data-driven. He emphasised that these organisations will need to ensure their platforms include scalable controls to protect against privacy risk. Firstly as part of a layered defence strategy against data breach and abuse and secondly, to enable a frictionless data innovation process, enabling firms to safely and ethically capitalise on the value of Big Data.

And the work doesn't end once your own house is in order. David Leboni, Head of Research at CyberVadis, a leading supply chain data security company highlighted that GDPR will change supply chain liability, meaning organisations must look again at the controls they place on data sharing with third parties.

At Privitar, we believe that the only way to deal with this effectively is to take a holistic approach and to leverage more sophisticated tools in the face of increasingly sophisticated threats. By layering in technological controls to data pipelines and making these intrinsic to data analytics platforms, you can provide a scalable, transparent and manageable solution to the challenge. By exposing only as little as possible in every phase of the data lifecycle, we reduce the harmful impact of both security and privacy concerns by reducing the attack surface in every context.

Getting ready for the GDPR

We’d like to thank Accenture and Partech Ventures for hosting the event.