IAITAM: Google GDPR protection debacle highlights major liability risk for US companies and investors
Author: -
Google’s recent €50 million General Data Protection Regulation (GDPR) compliance fine sent a shockwave through the American tech community. Though the search giant is contesting the penalty – which is the largest to be issued so far under GDPR – where does that leave other US firms with fewer resources and less sophistication? *
For company managers and investors, GDPR compliance is becoming a major issue. Unlike the cash-rich and tech savvy Google, many US firms, both private and publicly traded, can’t survive a maximum sentence for GDPR non-compliance. And with the accelerating consideration of similar privacy rules in the US, are investors right to be worried about data protection protocols?
But the potential liability risk isn’t just limited to companies that process data, however. If an organisation’s software tools include Microsoft, Adobe, IBM, etc., the same tools and companies with which Google has contracts with, then it would stand to reason that more than just the firms that process data are vulnerable to GDPR headaches. New US rules patterned along the European model would present similar concerns.
IAITAM President and CEO Dr. Barbara Rembiesa says “In the ever-evolving landscape of data privacy issues and regulations, now more than ever, is it fundamentally important for US firms to invest in sound IT Asset Management (ITAM). Savvy investors are keen to spot potential liabilities and with the recent Google fiasco, eyebrows are being raised. The firms that have already invested in ITAM programs are ahead of the game and shareholders should know it. If you’re an investor and you don’t know if your company has a mature IT Asset Management program, that should be a red flag.”
Rembiesa was quick to highlight that eight months have passed since the European Union adopted the GDPR. Before that, companies had two years to prepare. If Google was caught red-handed, that should sound the alarm for all US based firms and their investors, according to the IAITAM head.
*Under GDPR, companies found in violation could receive a maximum penalty of up to 4% of their annual revenue.
