How New EU Privacy Law Would Affect Cybersecurity

PC Network Solutions Cyber Security

In three months from now, the new European privacy regulations will take effect. In a bid to comply with the new privacy regulations, many companies around the globe are already struggling frantically to make necessary adjustments. But many security experts are already speculating that the new EU privacy law may weaken cybersecurity in Boca Raton and in general.cyber-security-consulting-west-palm-beach

They are worried that tracking down cybercriminals would become even more difficult with the newly introduced changes. And even when it comes to exposing new online threats, it is also quite worrisome that organizations will be willing to share data on such.

The General Data Protection Regulation (GDPR) which is expected to take effect on May 25, 2018, would require tech companies to obtain affirmative consent for any information collected on people within the confines of the EU. Fines of about 4% of global annual revenues will be required from any organization that violates the new privacy law.

As touching who should have access to people’s personal information and how much of the data can Web site name registrars collect, certain organizations are already making ready to propose changes to the governing rules. One of which is a nonprofit entity responsible for managing the global domain name system – Internet Corporation for Assigned Names and Numbers (ICANN).

ICANN has specifically been seeking feedback on certain proposals aimed at redacting data provided in WHOIS – a system designed to query databases that store IP addresses, as well as the registered users of domain names. When a person performs a WHOIS lookup on a particular domain, such as the registrant’s phone number, email address, home/work address, and name, under the existing rules, ICANN requires domain name registrars to gather and display a range of data points.

ICANN has proposed several moves aimed at redacting a portion of the registrant data from the records of the WHOIS system so as to be able to help registrars with the assistance they need to comply with the GDPR regulations. The organization proposes that the information of all registrant will be removed from public WHOIS records while revealing any information provided by the domain registrant will require a legal due process.

However, there is a less restrictive proposal that would allow self-certified third-parties to request access to information which will only be granted at the approval of a superior authority. Only the phone number, email, and name of the resistant will be removed. But when it comes to tracking down and bringing those who seek to perpetrate phishes, spams, and scams to justices, experts in cybersecurity in Boca Raton argue that the data in WHOIS records has been indispensable.

Nevertheless, it may interest you to know that some registrars have already started making attempts to comply with the GDPR injunctions so as to meet up with the deadline.