GDPR

Since the Payment Card Industry Data Security Standard was introduced in 2004, many merchants found compliance to be too arduous or costly and just skipped it, risking fines. But increasingly, other regulations like GDPR are changing the PCI DSS compliance equation.

A sector not known for its innovation or willingness to change is actually a shining example when it comes to creating hubs of engaging content, says On24's Mark Bornstein.

It is important to understand how bias may be found naturally in your own existing customer base, and how this may affect your inferences, since these naturally need checks and balances to avoid sampling bias, argues Callsign's Stuart Dobbie.

Congress should consider acting quickly or companies could treat the Golden State's new data privacy restrictions as a national standard.

Not only does it illustrate the willingness of regulators to impose massive fines for massive data breaches, it also reminds us that this situation could be just the tip of a financial iceberg, says White Hat Security's Mark Rogan.

In their efforts to understand data privacy regulations and maintain compliance, it’s become clear that a large number of retailers simply don’t know the true whereabouts of their customers’ data, never mind how that data is being used, says Cleo's Dave Brunswick.

Even though the General Data Protection Regulation has put data security and privacy top of mind throughout Europe in its first year, it is not likely the U.S. will see a similar federal mandate anytime soon — if ever.

Because various aspects of the General Data Protection Regulation were made public two years before they became official law, European lawmakers naturally felt it gave companies plenty of time to get data security compliance in place. But it appears most companies either lost track of time or haven't solved the compliance puzzle yet.

While most early GDPR fines have been relatively low, a larger more recent fine at Google is a sign of larger levies to come, according to Karen Neuman and Federica De Santis from the privacy and cyber security practice at Goodwin.

Regulators are handing out fines for GDPR violations, that while relatively small can have a large impact on the push for sharable identity by drawing attention to how large companies use data.