Op/Ed by Michael Mudd, Managing Partner, Asia Policy Partners LLC
The EU’s General Data Protection Regulation (GDPR) is quietly working before its implementation.
RELATED: China’s Cybersecurity Law: An Introduction for Foreign Businesspeople
This is markedly different to Facebook, which announced they will move all non-EU users’ data to the US before May 25. This does make a difference as certain types of data, such as browsing history, for instance, are considered personal data under EU law but are not protected as such in the US.
Similarly, LinkedIn announced new terms that take effect on May 8 to move non-European users to contracts with US-based LinkedIn Corp. Similarly, Microsoft Outlook email services announced on April 25 that non-EU resident data will be located in the US. Microsoft added that additional features to support the GDPR for European residents will be available by May 25.
AWS, on the other hand, has extensive paperwork on GDPR, as has Microsoft for their Cloud services compliance, which is searchable and comprehensive.
The issues that companies involved in online advertising face are complex. The average page load on an ad-supported website includes 172 network requests just for advertising, according to recent research from Ad Lightning.
That’s 172 opportunities for a publisher’s audience data to be collected, stored and re-monetized by other partners every time a page displays, all of which will be subject to the GDPR if the person accessing the webpage is located in Europe.
Some online marketing companies, such as Verve, which runs a mobile marketing platform powered by location data, and the appropriately named Drawbridge, are shutting down their European operations altogether to focus on their US business.
Information Technology Solutions from Dezan Shira & Associates
If the above is not enough, lurking in the background is the EU ePrivacy directive (the so-called “cookie law”), which pertains to electronic communications in Europe. This is not yet finalized, but may come into law soon after GDPR, most probably within 2019.
In the wake of well-publicized concerns over the apparent misuse of data, there are a number of legislative proposals working their way through the US Congress to tighten up privacy, including the Honesty in Ads Act, the Consent Act, and the My DATA Act.
One thing is for sure: privacy policies and terms of service for all online services are going to get longer and harder to understand.
This should be made easier; maybe there should be an app for that? It turns out there are, including this one. To update an old Chinese saying, “We live in interesting online times”.
This article was originally posted on LinkedIn on April 25, 2018
Mr Michael Mudd is the founder and Managing Partner of Asia Policy Partners LLC, an independent consultancy providing thought leadership on technology policy for digital transformation, security, privacy, compliance, standards and trade related business. An appointed expert to JTC-1 of the ISO, he is also a member of the Government of Hong Kong’s Expert Group on Cloud Computing, specifically the working group on Cloud security and privacy where he advises on policy. He is a member of the Policy committee of the Hong Kong Computer Society and the chief representative of the Open Computing Alliance in the APAC and MEA regions. He is an associate member of the Middle East & Africa Cloud Alliance. He also has created and delivered executive training on technology risk, privacy and digital security for non-technical office staff to mitigate losses from fraud as well as CxO level guidance on the EU GDPR.
He may be contacted at firstname.lastname@example.org
China Briefing is published by Asia Briefing, a subsidiary of Dezan Shira & Associates. We produce material for foreign investors throughout Asia, including ASEAN, India, Indonesia, Russia, the Silk Road, and Vietnam. For editorial matters please contact us here, and for a complimentary subscription to our products, please click here.
Dezan Shira & Associates is a full service practice in China, providing business intelligence, due diligence, legal, tax, accounting, IT, HR, payroll, and advisory services throughout the China and Asian region. For assistance with China business issues or investments into China, please contact us at email@example.com or visit us at www.dezshira.com