With the EU GDPR literally just around the corner, we’re taking a closer look at a few telco operators and their perspectives on the new legislation.

You’ve probably read mails like these countless times during the past few weeks: “Would you like to keep receiving our newsletter? Please click the link below to confirm.” The reason behind these and many other measures is the EU General Data Protection Regulation, GDPR for short, which will come into full effect on May 25th.

 

The telco perspective – an opportunity for progress

Customer service providers and other industries, where processing customer data is a necessity based on the very nature of the business, are facing the challenge of (re)evaluating and adapting their data processing routines to the new regulation. Looking at press releases, articles and opinion pieces from major telcos, the universal tenor seems to be that the regulation comes as a trigger for necessary change, despite the bureaucratic efforts it entails.

Jonathan Hughes, Head of Enterprise Cyber Security Operations at Vodafone, writes that “GDPR will help us all”, viewing it as a first step along the way and calling upon businesses to “internalise their responsibilities to secure our PII (Personally Identifiable Information) data”. 

Telefónica’s Carlos López Blanco identifies three key points to the role of legislators going forward: Settling principles [of citizen’s rights in the digital age], allowing flexibility & innovation, raising awareness & privacy culture and bringing legal & practical certainty.

 

 

From the customer’s perspective - Right to Access and Right to be Forgotten

One of the essential goals for the GDPR is to grant users more control over their personal data. The greatest impact will most likely come from two specific rights – the “Right to Access” and the “Right to be Forgotten”. While the first right assures that users can request to be informed on which of their personal data is stored and processed and why, the latter allows them to request to have their personal data deleted from a specific record. This way, there now is a widespread legal foundation for individuals to take influence on how the interaction with major corporations takes place. As an indirect effect, the legislation should serve to heighten privacy awareness on the consumers’ end and make companies reflect on which personal data they actually need to keep on record.

 

NTS GDPR control to help our clients achieve GDPR compliance more easily

At NTS Retail we took the new regulation as an opportunity to analyze our data processing routines and optimize them in accordance with the GDPR legislation. Since our system is a vital part in the retail infrastructure of our clients, we have created a new application which offers a comfortable GUI to view, export and remove specific sets of data containing personal information.

Falls Sie sich näher für die DGSVO und unseren Ansatz dazu interessieren: Wir bieten ein Whitepaper zu diesem Thema als Download.