DSGVO-Rohde-Schwarz-Cybersecurity

The GDPR uncertainty

The General Data Protection Regulation (GDPR) has been in force for six months now. The media's dedication to this topic has not diminished and it is clear: data protection and possible sanctions, including the (supposed) fear of legal consequences, are unsettling and intensify the emotionality of discussions about a regulation, which could possibly suffer as a result.

The passion with which it is being reported about the GDPR - especially outside the professional community - suggests that this regulation will behave differently from other legislative changes and innovations. On the one hand, liberal possibilities are upheld, on the other hand, the basic pessimism and scepticism about the possibilities of digitalisation could not be greater.

The security of data processing is central to the GDPR, which is why companies must take organisational and technical measures when processing personal data. The aim is to ensure protection against unauthorised, unlawful data processing, data loss and accidental damage or even destruction. The concrete technologies and measures used will depend on the likelihood and severity of a risk to the rights of people affected.

By the way: You can download our white paper on the GDPR here.

Certainly, hardly any other regulation currently refers so much to the reality of people's lives, but similar directives and laws as the EU Data Protection Directive and the Federal Data Protection Act in its scope of application (protection of personal data, obligation to provide information and documentation, technical and organisational protective measures) already precede the GDPR. For the GDPR, points such as increased self-regulation and extended documentation obligations have been made stricter - and, in particular, the framework for fines applicable to violations of the regulation has been significantly increased. In addition, there is the concern of individuals and companies to be "overrun" with warnings when keywords such as 20 million mark or four percent limit are dropped.

A current example refers to a so-called data protection information centre based in Malta, which sends faxes to companies, together with a request to sign a form by means of which they comply with the "legal obligation to implement the basic data protection regulation" and which contains a so-called basic data protection. This form should then be sent by fax to a 00800 number in Switzerland within a few days. This "service" is based on a subscription that charges fees in the mid-three-figure range. Forms that are offered for this purpose, such as for the creation of processing directories, are provided free of charge by the authorities.

A case that may have caused further uncertainty. The fact that the Federal Data Protection Act already contained a framework for fines is lost in emotionality in debates about the above mentioned example. In view of the fact that no fines in the millions have been imposed since the entry into force of the GDPR in May 2018, it can be assumed that these will not be imposed in the event of violations in a data protection declaration from the start of validity of the regulation. The more so as the amount of a fine must always be adapted to the economic circumstances and, in addition to the fine proceedings, the means of remedying the deficiency in data processing must also be available. It can therefore be assumed that before a fine notice is actually imposed, the first step is to order the rectification of the deficiency.

The GDPR offers companies enormous opportunities in customer retention. We recommend an approach that takes equal account of data protection and information security. Rohde & Schwarz Cybersecurity advises companies on how a broad portfolio of secure networks, endpoints, applications and clouds can be implemented.

For advice on Europe-wide data protection, compliance with corporate regulations - and the competitive advantage they offer, download our white paper on the GDPR here.

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Permiso de marketing

Deseo recibir información de Rohde & Schwarz por

¿Qué significa esto exactamente?

Estoy de acuerdo con que ROHDE & SCHWARZ GmbH & Co. KG y la entidad o subsidiaria ROHDE & SCHWARZ que figure en la Declaración de confidencialidad del sitio web se ponga en contacto conmigo a través del canal elegido (correo electrónico o correo postal) para fines de marketing y publicitarios (p. ej., información sobre ofertas especiales y promociones de descuentos) en relación con, pero sin limitarse a, productos y soluciones para prueba y medición, comunicaciones seguras, monitoreo y pruebas de redes, broadcast y media así como ciberseguridad.

Sus derechos

Esta declaración de consentimiento se puede retirar en cualquier momento enviando un correo electrónico a news@rohde-schwarz.com con el asunto «Cancelar mi suscripción». Además, en cada correo electrónico enviado se incluye un enlace para cancelar por correo electrónico la suscripción a futuros anuncios. En la Declaración de privacidad encontrará información adicional sobre el uso de los datos personales y el procedimiento de retirada.

Se ha enviado su solicitud. Nos pondremos en contacto con usted en breve.
An error is occurred, please try it again later.