Cloud Hosting

In 2018, a new unprecedented data privacy law took the EU and, by association, the rest of the world by storm. The GDPR (General Data Protection Regulation) in its own words is described as "the toughest privacy and security law in the world," and it's safe to say the impact it has had on the global tech and business sectors has been significant over the past four years.

With more and more NZ companies subject to data and security breaches, it also begs the question as to whether there needs to be more focus on our own data privacy laws and if we can look to other countries for guidance.With the pandemic in 2020 initiating an increased online presence in all areas, companies have had even more reason to strengthen their data security systems and protocols as regulations continue to come with heavier penalties and consequences should they be breached.

Another significant factor is that the laws also cover affiliate companies, meaning that they don't only affect the EU market but also those international companies under EU jurisdiction.

Pre-pandemic, Google was famously hit with a substantial GDPR fine of EUR 50 million in 2019, when it failed to make its consumer data processing statements easily accessible to users. It also came under fire for data mining its users for targeted advertising campaigns without seeking consent, a trend becoming more apparent as companies look for new ways to expand their market growth.

More recently, in 2020, British Airways was targeted by hackers who breached their security and led customers to a fraudulent site that compromised the personal and financial information of about 400,000 people.

These substantial law changes have come at a cost too. According to legaljobs.io, it was reported that 27% of companies spent over half a million dollars to become GDPR compliant, and there has been over EUR 359 million in major fines already issued. This number is expected to grow, with some companies apparently struggling to keep up with the ever-changing online climate.

Rob Ellis of tech company Thales spoke to the BBC in May 2021, telling them that "When GDPR was first drafted, the legislation did not necessarily account for the adoption of new technologies and rapid migration to the cloud brought on by the pandemic.

"In this remote working era, businesses needed to digitally transform almost overnight just to keep the lights on, without necessarily incorporating security in the design of new systems and processes."

So if companies are struggling internationally to implement processes, how does this fare in the NZ market?

If New Zealand businesses have dealings with or are based in the EU, then they must adhere to the rules set out in the GDPR 2018 while also following the NZ Privacy Act 2020 guidelines. That's a lot of information coming from many different places, but thankfully the NZ government's digital website specifies that it is likely for there to be a significant crossover between the two.

With two different sets of rules and a myriad of new technologies and systems to navigate, it's clear that businesses must now be more vigilant than ever to keep up.

University of Auckland commercial law professor, Gehan Gunasekara, says that companies would be wise to make sure they know the European laws well, and if companies invest in smart solutions and education relating to GDPR, then they will be better protected in the long term.

"If you meet the European requirements, then 99.9% of the time you're most likely to also meet the New Zealand requirements. There are some subtle differences between the two regimes, but for most businesses, that doesn't really become an issue."

He says the most difficult situations come with doing business in and with Europe, and this is where companies have to carefully consider all the steps necessary to comply with the GDPR.

"Let's say, for example, you're a tourism operator and you want to bring Europeans to New Zealand or are offering flights to Europe, then you have to comply with the GDPR.

"It's now more than just about being transparent, and a bit more than consent. There is the idea that if you get specific explicit consent, everything is okay, but that's not the way the GDPR works. It is kind of the way that New Zealand's privacy law works because most things can be agreed to by consent under New Zealand law, but in the GDPR consent is not solid grounds on which you can base processing of personal data."

He says that the European GDPR is based on the legitimacy of interest, and companies have to explicitly outline how they're going to keep their data safe.

"You've got to show you have a legitimate interest and you've got to show that the individual's interest's don't override it. You've also got to show you're taking necessary steps to protect the data. Even if an individual signs some kind of waiver or consent, under GDPR, that's not going to get you off the hook."

Another issue Gunasekara brings up is education. He believes that even if companies equip the best tools and systems, humans are the key to regulating GDPR compliance and should be a key investment.

"The Privacy Commissioner in New Zealand can only give limited assistance as far as the Europeans laws are concerned."

Recently this year, Gunasekara and his team at the University of Auckland launched a program specifically targeted at companies and workers wanting to upskill in the areas of GDPR and data protection.

"We have a brand new online programme called the master of information governance that was launched this year. The idea is to train and upskill people who are privacy officers, information officers and governance officers.

"The advantage is if an organisation were to send its staff to a programme like that, then those staff can train other staff within the organisation and so there's a cascade effect."

When discussing our data privacy regulations compared to the rest of the world, he believes we are in the middle of the road when it comes to developed countries.

"There are many countries around the world that have yet to get privacy regulation. I mean, China is the latest one that has actually now passed quite a strict personal information protection law. Almost every week, there's another country passing a privacy law.

"We think we're weak in comparison to the GDPR, but even in relation to Australia for example, where small businesses are not covered, New Zealand has a good one size fits all law that's relatively easy to understand."

When asked what businesses should do to be prepared for GDPR compliance, along with education, Gunasekara emphasised the need for a company-wide approach, with all employees doing their part to protect data.

"There is really no excuse for business not to get up to speed with it, and it can't be something that can be just dedicated to some compliance officer or privacy officer. It requires an all business approach. This needs to be grasped at board and CEO level and there are cost implications, but the costs of privacy failures would be higher.

With new privacy laws popping up by the day, and a large majority of businesses worldwide being subject to data breaches regularly, it's clear that data privacy isn't something companies should sweep under the rug. GDPR and privacy laws are there to protect businesses and consumers, not hinder them, so it's in their best interest to make sure they are up to speed.

Do we need a brand new, state-regulated GDPR that is NZ specific? Perhaps it's too early to tell. With so many of these new laws around the world being in their infancy, the full effect hasn't come to light.

With noticeable fines and a focus on enhancing secure technology, we've seen many companies stung and others learn from their mistakes, so this may be an early indicator of change. However, it is clear that the European GDPR is a landmark initiative that New Zealand and the rest of the world should be keeping closely on their radar.

Go here to read the rest:

The GDPR and NZ: Why this relationship is so important to the future of data privacy in Aotearoa - SecurityBrief New Zealand

MMP World Wide (MMPWW), the leading adtech solutions provider in the region, has appointed Aqilliz, a middleware technology provider, to authenticate audiences and establish data provenance within campaign environments. As part of the strategic partnership, Aqilliz will be the official, exclusive technology provider for MMPWWs marketplaces within the Middle East and North Africa (MENA) and North America markets, effective as of 1st January 2022.

Aqilliz specializes in enabling greater data collaboration and privacy compliance across the digital marketing ecosystem. Backed by its proprietary, state-of-the-art technological infrastructure Atom, Aqilliz will leverage federated learning a machine learning technique that allows distributed data sets to be queried and reconciled without needing raw user data to leave local storage. This ensures that all deterministic and probabilistic user identification takes place in accordance with local data protection frameworks.

Ayman Hayder, CEO of MMPWW, said: Compliance isnt something that is negotiable, and as more legislative reforms come into effect, its crucial that we equip our clients with the right tools and technology so they can be fully prepared. This partnership is hugely significant for the region in light of the recent Data Protection Law and the creation of the UAE Data Office, which will have a big impact on how data is transacted across the digital ecosystem. We consider this a golden opportunity to ensure privacy-first solutions become more commonplace, and we are very excited to work exclusively with Aqilliz to bring their technology to the MENA market.

Nader Bitar, Managing Director of MMPWW, added: Today, everyone needs to consider data from multiple perspectives, particularly when it comes to data sharing and how this will work in a practical way. With this partnership were bringing this conversation into the open, so we can all collaborate and join forces in building a data-focused, privacy-led landscape for all advertising stakeholders.

Known for being a pioneering adtech provider across EMEA and APAC, MMPWW offers full-funnel targeting and precision marketing solutions to help their clients reach and engage their audiences in real-time. Deploying a combination of in-house tech expertise with valuable strategic industry alliances, MMPWW equips its clients with the tools and knowledge to better monetize their digital advertising inventory, improve campaign performance, and have a dynamic and transparent way to communicate through vibrant content.

Powered by automation to scale delivery of communications to consumers, the company aims to create the next generation adtech solution through effective data mining and tech-driven attribution modeling, offering a cookieless targeting approach to digital advertising. With its headquarters based in Dubai, MMPWW continues to extend its global operations with offices in Lebanon, Singapore, and throughout Europe.

In partnering with Aqilliz, MMPWW and its brands will be set up as nodes across Aqillizs hybrid blockchain environment, enabling them to access an immutable digital ledger of transactions that will record all processing activities of audience identification and matching. This ensures the utmost data provenance of these activities, in line with auditing requirements stipulated by data privacy laws.

Gowthaman Ragothaman, CEO of Aqilliz, said: Legacy technologies in the advertising and marketing technology ecosystem are built for centralized operations. The future of digital advertising is built on managing the value exchanges between brands, platforms, and the consumer, for which we need decentralized solutions in order to be secure and compliant. None of the existing solutions are able to capture and carry consent and provenance across the digital supply chain in order to be compliant. I am extremely thrilled to be partnering with MMPWW in bringing this first-of-its-kind initiative to the marketplace.

Led by ex-WPP industry veteran Gowthaman Gman Ragothaman, who has spearheaded blockchain-based advertising initiatives with global conglomerates, Aqilliz was founded in 2019 with the aim to bring greater value to the marketing ecosystem by leveraging emerging technology and delivering solutions that ensure safe, secure, and compliant data sharing between businesses and consumers. Aqilliz is also a founding member of the Data Privacy Protocol Alliance (DPPA), an industry body that works towards the future of privacy and data protection.

Aqilliz CEO Gowthaman Ragothaman and MMPWW CEO Ayman Hayder are both available for interviews

About Aqilliz

Aqilliz offers a first-of-its-kind middleware technology that strives to enable an interoperable and collaborative digital marketing ecosystem. Our patented infrastructure, Atom, incorporates privacy-preserving techniques that help enterprises jointly perform advanced analytics on a federated layer and records such processing of activities on a distributed ledger. Such a trusted layer encourages enterprises to unify different proprietary technologies thereby helping the marketing ecosystem collectively discover sharper insights in real-time, for efficient and effective activation. Rooted in the principles of ethical use of data, Aqilliz benefits brands, platforms, and consumers alike through solutions in the fields of cross-media measurement, privacy-compliant marketplaces, and digital advertising supply chain automation. For more information, visit aqilliz.com.

About MMPWW

Adtech on Point

Powered by automation to scale delivery of communications to consumers, MMPWW aims to create the next-generation adtech solution through effective data mining and tech-driven attribution modeling, offering a cookieless targeting approach to digital advertising. MMPWW equips its clients with the tools and knowledge to better monetize their digital advertising inventory, improve campaign performance, and have a dynamic and transparent way to communicate through vibrant content. A leading industry voice, the company also educates its stakeholders on building a safer media ecosystem through the use of state-of-the-art technologies to empower and scale the advertising equation forward.

For more information, visit mmpww.com

Continued here:

MMPWW announces exclusive tech partnership with Aqilliz in MENA - AMEinfo