London, 29th April 2014 - One third of European organisations still aren’t aware of major new EU data protection regulations proposed by the European Commission, with a worrying knowledge gap between the most and least clued-up nations, according to Trend Micro.
The internet pioneer commissioned Vanson Bourne to interview over 800 senior IT decision makers across the region and found 36% unaware of the coming EU General Data Protection Regulation, despite its potential to introduce major changes which will supersede local laws.
These include proposals which would force firms to give citizens the “right to be forgotten” – erasing all online records of their personal data – as well as potentially punitive fines for non-compliance.
There was a significant disparity between those countries where respondents were most aware of the regulations – including Germany (87%), Poland (73%) and Italy (72%) – and the UK (50%).
Likewise, a quarter of European firms interviewed said they didn’t even know broadly what the proposals would require in their current form.
Once again, Germany was the most clued up nation (93%), followed by Italy (83%) and Poland (81%), with the Nordics (60%) and Benelux (63%) trailing last. Also worrying is the fact that almost half (45%) said they didn’t know that the new regulations would replace local laws. In Germany, 79% said they knew this – the most for any EU country – followed by Italy (70%). UK (44%) and Nordics (36%) organisations were least knowledgeable on the matter.
“There does seem to be a major lack of understanding,” said James Walker, security expert at Trend Micro. “No organisation is exempt and there is a need for this to happen. It will become the law in every member state and businesses need to prepare themselves.”
The percentage of organisations unsure as to whether the coming regulations would apply to their own business or not varied greatly across Europe. Predictably, only 5% of those in Germany were not sure, but this figure rose significantly for France (16%), Benelux (17%), Italy (18%) and the UK (20%).
Although 82% of European organisations are aware that fines are likely to be introduced for non-compliance with the EU General Data Protection Regulation, a sizeable number (38%) admitted to not knowing how high they might be.
Across Europe, most organisations said they thought it the role of their national government (32%), the European Commission (19%), data protection officers (15%) and industry bodies (14%) to raise awareness over the coming regulations, according to Trend Micro. “Europe is doing the right thing. Regional governments need to create advisory groups to help businesses understand what’s required of them, what technology and process changes there will need to be,” added Walker.
About the research
The research was carried out in April 2014 by Vanson Bourne and surveyed 850 senior IT decision makers across Europe. Specifically, there were 250 respondents in the UK and 100 respondents from each of the following regions: France, Germany, Benelux, Nordics, Poland and Italy.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.
For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.