The EU’s moves earlier this month to harmonise data protection across the region have understandably been welcomed by consumer groups. The body’s new General Data Protection Regulation (GDPR) includes among its provisions the “right to be forgotten”, the right to know if your data is ever hacked, the right to transfer your data and, of course, also allows for some pretty hefty fines to be imposed on any company right across Europe found guilty of breaching the regulations and putting consumer privacy at risk.
The GDPR certainly raises the bar for consistency, accountability and standards to give consumers more control and security over their data and privacy and, more importantly, will also trigger a reform of the EU’s e-Privacy directive.
It is a welcome move by the regulator and one which arguably sets a new world leadership standard for consumer data protection – with the data protection partner at international law firm Fieldfisher telling the Guardian newspaper in the UK that the “global standard for data protection will now be dictated by European rules.”
And while businesses are often wary of intervention by the regulator, this particular move was also welcomed by the mobile industry world trade body – the GSMA. This is because trust in the ability of companies – and in this case mobile operators – to sensitively handle, protect, and not abuse, your data is paramount. The GSMA went further saying the new harmonized rules were: “Fundamental to building trust and driving the uptake of new digital services by citizens across Europe.”
At AsiaInfo, it’s also an area we have studied quite closely. Our new Cloud Core offer is built on a partnership with Amazon Web Services (AWS). The concept of moving an operator’s BSS solution to the cloud – and in this case to a private section of a public cloud provider – immediately raises questions about privacy and security - especially when data moves across borders. While the highly successful, AWS business model is actually founded on its security and ability to protect its users’ data, questions will still be asked. And while operators are attracted by the substantial capital and operational savings available, they will still wonder whether “the regulator would let them do it”.
Well now the regulator has, in effect, spoken. The ground-breaking initiative of the GDPR sets a harmonized standard and helps mitigate against inconsistencies from country-to-country – particularly for a service provider with operations in more than one country. And our AWS –Veris Cloud Core approach more than meets the requirements of the GDPR.
Operators and industry experts concur that Cloud-based BSS solutions offer immense time-savings in deployment terms, greater simplicity, shorter time-to-market for new services, operational savings and the potential for a high-level of configurability to enable them to continue to differentiate across customer experience, business models and products.
As true cloud-based BSS systems play an increasingly important role in connecting digital services, partners, networks and enterprises beyond sovereign states, the interpretation and practical implementation of the new GDPR principles will play a critical role towards the acceptance of centralized cloud-based technology and services. The GDPR’s influence on the EU’s E-Privacy review will also be pivotal, with the GSMA calling for the right balance to be struck between “protecting confidentiality of communications and fostering a market where innovation and investment will flourish.”
The GDPR regulations and the E-Privacy review will play a key role in the level of innovation open to operators in the use of subscriber data, especially in the context of the development of new and advanced digital services, and the interoperability between national networks and the always-connected eco-system beyond the sovereign state. It is a major and welcome piece of work.
Published as part of BossFest16