New EU data rules ‘huge’ for Trunomi

Make text smaller Make text larger

  • European opportunity: Stuart Lacey, founder and CEO of  Bermudian tech firm Trunomi

    European opportunity: Stuart Lacey, founder and CEO of Bermudian tech firm Trunomi

  • New regulation: the European Parliament approved the General Data Protection Regulation last week

    New regulation: the European Parliament approved the General Data Protection Regulation last week

The European Union has introduced new data protection laws that will have implications for many Bermuda companies that do business in the 28-country bloc.

The new General Data Protection Regulation, which was approved by the European Parliament last week, is aimed at giving citizens more control over their personal data while forcing companies to take data protection more seriously.

The law will take effect in the summer and organisations will have two years from then to comply. Fines for breaking the rules will be potentially huge — up to four per cent of a company’s global revenue per infraction. It will apply to any company that handles EU citizens’ data, wherever in the world it is based, potentially creating a new challenge for some Bermudian international businesses.

One Bermudian technology company, which has been preparing for this change for the past three years, is now well placed to benefit from it.

Trunomi, led by founder and chief executive officer Stuart Lacey, specialises in solutions for creating, sharing and monetising data and for solving data privacy issues.

Mr Lacey said Trunomi’s Right Management over Data Sharing plus TruCert was built to solve the issues for organisations created by GDPR. The arrival of the new regulation was “huge” for the company, he said.

“This puts the technology platform of our Bermudian-based company squarely in the centre of a seismic shift — profoundly mandating the move to give citizens back control of their personal data, enforcing that companies comply with data portability and the right to be forgotten, as well as simplifying and harmonising the regulatory environment,” Mr Lacey said.

The GDPR is a modernisation of data protection laws drawn up in 1995. Since then the collection and utilisation of personal data by corporate giants has become more widespread.

“As referenced in my TEDx talk held in Bermuda in late 2015, individuals have long been unaware of the scope of collection and abuse of their personal data,” Mr Lacey said.

“But a new paradigm is emerging, powered by technology companies like Trunomi, where choice, transparency and control of one’s own data is now possible and where you, as the data owner, can treat it as your asset and then start to monetise it directly.”

He added: “This is a big deal for Bermuda, and awareness must be high if companies here are to figure it out and comply in time.”

Data analytics are playing an ever-growing role in many industries, not least insurance.

The new rules require organisations to be more transparent with their use of data and are designed to give individuals more say over how their data is used, including giving people the right to have some types of data deleted.

It also makes it mandatory for large companies to employ a data protection officer and for data breaches to be reported within 72 hours.

Businesses will need to have their solutions in place for the compliance deadline, said Darren Wray, CEO of Fifth Step an IT consultancy firm that counts several Bermuda companies among its clients.

“GDPR is going to require some considerable changes in the organisations that are processing personal data of those residing in the EU to ensure their systems and procedures are able to cope with the rights that the GDPR demands,” Mr Wray said.

“The go-live date is in 2018, but firms should start to look at the impacts of this earlier rather than later so that they understand the impact that these changes will have, and so that they can plan accordingly.

“The kinds of organisations that will need to make changes are banks, insurance companies, law firms, accountants whose clients include those residing in the EU.”

Ruth Boardman, a partner with UK law firm Bird and Bird, told the BBC: “A regulator could knock on the door and companies will have to have the mechanics in place and show the systems that they have to achieve compliance.”

EC commissioners Frans Timmermans and Vera Jourová said after lawmakers voted to approve the GDPR: “The new rules will ensure that the fundamental right to personal data protection is guaranteed for all.

“The GDPR will help stimulate the Digital Single Market in the EU by fostering trust in online services by consumers and legal certainty for businesses based on clear and uniform rules.”

You must be registered or signed-in to post comment or to vote.

Published Apr 21, 2016 at 8:00 am (Updated Apr 21, 2016 at 10:58 am)

New EU data rules ‘huge’ for Trunomi

What you
Need to
1. For a smooth experience with our commenting system we recommend that you use Internet Explorer 10 or higher, Firefox or Chrome Browsers. Additionally please clear both your browser's cache and cookies - How do I clear my cache and cookies?
2. Please respect the use of this community forum and its users.
3. Any poster that insults, threatens or verbally abuses another member, uses defamatory language, or deliberately disrupts discussions will be banned.
4. Users who violate the Terms of Service or any commenting rules will be banned.
5. Please stay on topic. "Trolling" to incite emotional responses and disrupt conversations will be deleted.
6. To understand further what is and isn't allowed and the actions we may take, please read our Terms of Service
7. To report breaches of the Terms of Service use the flag icon

  • Take Our Poll

    Today's Obituaries