Is there are security measures to be taken for the digital transactions?
How cyber-threats affects the digital transaction?
- Are we ready to travel the digital transactions world?
The GDPR is a Data Protection Regulation (EU 2016/679) adopted by European Union on 2016 and comes in to effect by 2018. The existing Data Protection directive (95/46/EU) will be replaced by GDPR on 2018.
The GDPR focuses on Individuals Data Privacy Protection within and outside European Union and plans to unify the regulation between all Member States. So, the same regulation will be applied across the member states which provides the ease of binding actions during the Investigations & Sanctions. A Supervisor Authority (SA) is appointed for each member state to handle the Investigations on complaints and Administrative Offences. The SA’s are given power to impose administrative fines.
General Data Protection Regulation is a regulation by which European Union (EU) strengthens and unifies the data protection laws for states within it.
Scope: The regulation applies to all organizations using information about European citizen. The law also applies to organizations that are outside the EU region, but still processes/accesses information of the European citizens.
Timeline: This rule has been formally adopted on April 2016 and will come into effect after a transition period of 2 years, i.e. 2018.
Below are some of the key points about the rules:
Most of us are aware of the use of the applications that offers voice dictation feature. If we talk to the IOS or Android application that has the dictation feature, it will convert your voice/words to text. This will help us to create larger documents without awkwardly typing out the words on the on-display keyboard. We can talk to the application while driving. My friend who writes stories used to tell me that, all good imaginations or ideas come to him while driving. So he uses an application to talk while driving and the application converts his voice to text and later he posts those in his blog. One time when he was travelling towards a hill station, my friend had a tough time, even though good sceneries had given him lot of threads for writing stories, but he was not able type those because mobile network/internet coverage was not available over there for the voice dictation software he was using. :-)
Protection of Personal Information act has been signed into South African law in November 2013 and has been subsequently enforced. The proposed comprehensive information security law regulates the collection and storage of customer data by business organizations and mandates data protection measures to be taken up.
The main objective of the data protection directive has been to exercise everyone’s right to privacy as per the law, strike right balance with other mandates like right to information and control the free flow of the information.
The conditions and provisions for the lawful processing of the personal information by the business organizations have been encompassed into:
Enterprises have been struggling to decide on a question related to customer data for too long which is “how much data to collect, how best to use it and how long or how much to retain in view of privacy and security concerns”. This dilemma continues in their efforts to comply with various regulations, Customers’ reasonable expectations and Internet of things or for that matter in every business decision.
One possible example of inappropriate usage of key customer data could be collection of PAN numbers by Indian Railways. This critical information (PAN) is publicly displayed on Reservation charts which could be a clear violation of reasonable privacy practices. Another example could be that of credit rating or credit reporting and permissible uses of customer credit report information under certain circumstances.