Censys: The World of Attack Surface Management
GDPR is here. Starting today the General Data Protection Regulation will be enforced by regulators across all 28 countries in Europe who are affected. GDPR focuses on the protection of EU citizens' personal data, meaning companies have been scrambling all over to try and meet the new requirements.
One of the big targets for GDPR is to reassess the spree of pointless marketing emails that have spammed customers and users all over, due to companies getting better and better at acquiring these users' data without their knowledge.
Every company affected by GDPR (including organisations outside of the EU who must forcefully comply in order to do business with companies within it) is on their toes. For the largest firms like Google, Facebook, Microsoft, Apple, Twitter and Amazon it is crucial to fall in line, what with the colossal amounts of data the companies have gathered from people all over the world. The fines can only increase with the level of offence and the lives companies play with, meaning the giants of the tech world have to be the most careful.
In Facebook's case the preparation for GDPR compliance has been a difficult time, the months leading up to now being accompanied by Mark Zuckerberg's trial and the recent exposure of shady deals with Cambridge Analytica.
Standing in front of Members of the European Parliament three days ago, the Facebook founder said his company was GDPR-ready and that a huge number of users prompted to change and update their privacy settings had done so. Facebook has also gone ahead and activated facial recognition for people in Europe.
The registration of approximately one and a half billion users outside of the US, Canada and EU was moved to the United States, meaning people in Africa, Asia, Australia and Latin America will not be covered by GDPR under Facebook.
Apple has generally collected less data than the other tech giants, implementing end-to-end encryption on iMessages as far back as 2011. For GDPR, their updated privacy terms allow European users to download all of their data that Apple holds about the, a move toward transparency that comes in the form of zipped folders, in reusable files.
Apple has further introduced the option for users to temporarily deactivate accounts. When this is in place, a user's data will stop being implemented for machine learning and AI systems.
In the Google corner, much criticism similar to Facebook's has been thrown at the tech giant for its GDPR plans. This includes complaints from four major trade bodies, containing roughly 4000 angry publishers, who were unhappy with the changes Google made to its advertising platform.
The Mountain View-based firm's plan to shift the responsibility of getting consent from users to use data undermines the entire purpose of GDPR< according to representatives for the publishers.
Amazon Web Services (AWS) was announced as GDPR-ready near the end of March by Amazon. The services, a representative said, offer users the ability to implement their own security measures in ways that are in compliance with GDPR.
Microsoft went global with their extension of new privacy rights for users, unlike Facebook or Google. They have created a privacy dashboard that further allows users to review settings, delete data and download whatever information is being held about them. Microsoft went the extra step to explain and highlight what was updated in its Privacy Statement for GDPR.