Hollywood writers could not have scripted it better. Merely a month before the implementation date of the General Data Protection Regulation (GDPR) in May this year, a data protection scandal roils the world. A whistleblower reveals the leakage of personal data from Facebook through Cambridge Analytica to malevolent actors aiming to influence the U.S. presidential elections. What could possibly better illustrate the crucial role of GDPR in an age where data drives not only marketing and online commerce but also fateful issues for democracy and world peace?
Now, five months after the implementation date of the most fundamental legal reform of a generation, we can begin to assess what has changed and what still needs to improve. The main lesson learned from the Cambridge Analytica scandal is the key role of accountable data practices in an environment characterized by continuous, cross-border, multiparty information flows. Facebook’s brand and reputation suffered – and CEO Mark Zuckerberg was forced to testify in Congress and in European Parliament – as a result of the company’s insufficient controls over the propagation of data through its chain of suppliers and customers.
Read the full piece at SC Magazine.