Aim to make compliance easier for small and medium businesses.
The European Commission plans to present a proposal to cut back the General Data Protection Regulation (GDPR).
According to Politico, the scaling back of the regulation is part of an attempt to make businesses in Europe more competitive with rivals in the United States, China and elsewhere.
Wasted Time
The aim is for companies to waste less time and money on complying with complex legal and regulatory requirements imposed by EU laws. EC justice commissioner Michael McGrath said a review of the GDPR last summer showed there “is the need for greater support [for] businesses, especially SMEs, in their compliance efforts.”
This will lead to a proposal to simplify the GDPR in either April or May, as a simplification package for small and medium-sized businesses has been moved to May 21st.
Several European leaders have criticised the GDPR, saying it “hampers innovation.”
There are “a lot of good things about GDPR, [and] privacy is completely necessary. But we don’t need to regulate in a stupid way. We need to make it easy for businesses and for companies to comply," Danish Digital Minister Caroline Stage Olsen told reporters last week.
Simplification Plan
In March, the Commission said that the simplification plan will focus on reporting requirements for organisations with fewer than 500 people, but will not touch the “underlying core objective of [the] GDPR regime.”
Commenting, Dr Ilia Kolochenko, CEO at ImmuniWeb, said he was not surprised by the looming overhaul of GDPR after almost seven years of complaints about it from all impacted stakeholders – including data subjects, data controllers and processors.
“In its current shape, GDPR creates more harm and hurdles than any palpable benefits,” he said. “According to numerous research and reports, most data subjects do not feel that their data is better protected. While many experience the growing GDPR fatigue, such as omnipresent and annoying cookie banners, some of which require several clicks and scrolling to disappear.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
