The ECJ (European Court of Justice) passed a law in May 2014 that states internet search engines must remove any information that is considered "inaccurate, inadequate, irrelevant or excessive". With this leap forward in user’s rights to their own data, we must question how long it will be before this ‘right to be forgotten’ will not only apply to search engine data, but company data too. Is your company prepared for this?
Curtis, S (2015) for the Telegraph states that between May 2014 and May 2015 “Google claims to have processed 253,617 requests to remove 920,258 links, and approved just over 40 per cent of those requests. In the UK alone, the company has received 32,076 requests to remove 126,571 links, and approved 37.5 per cent.”
Now, put yourself in the shoes of a company that has hundreds of different systems containing a multitude of data sets. A customer rings up and requests that all data of theirs should be deleted. How many work hours would you be willing to sacrifice in order to fulfil this customer’s wishes?
Google is a single (albeit extremely large) company, but if we take their 32,076 requests (in the UK alone!) and divide that by how many working days on average there are a year, 261, then you’re looking at 123 requests per day. Google may have the work force to process this amount of requests. But ask yourself: do you?
Gibbs, S (2014) states that “The European parliament has voted through tougher rules on data protection, aimed at boosting privacy and giving authorities greater powers to take action against companies that breach the rules.”
Failure to adhere to regulatory compliance can have dire consequences for companies. A brief glimpse at various banking corporations who’ve found themselves underprepared can show you just how terrible a situation can arise. Fines of millions of pounds await those who don’t comply with EU regulations.
An example can be made of Barclay’s Bank, who, according to the Financial Conduct Authority, were ordered to pay a fine of £72,069,400 for a lack of regulatory compliance. Are you really willing to risk fines of this magnitude should your regulatory compliance not measure up?
The question then becomes, how can you ensure regulatory compliance without setting aside excessive employee hours to execute EU regulations, such as the right to be forgotten?
I think most people would agree that, with the results of poor regulatory compliance being so dire, a way to condense time in which these regulations can be executed would be the ideal way to tackle this new business challenge.
The Semarchy MDM Solution
With Semarchy’s evolutionary MDM solution, you’ll find yourself with consolidated, enriched and cleansed Golden data, that shows your customer as a whole entity. It enables you to draw partial information from many disparate systems in order to create the entire ‘version of the truth’, allowing you to comply with EU regulations without devoting excessive man hours to locating and deleting data.
With Semarchy’s built-in data lineage capabilities, you’re able to easily and effectively navigate your consolidated master data to discover from what sources your data has come. Forget about trawling through old databases to find a singular record. Let Semarchy remove the legwork, and point you directly to the record in question. This data lineage allows you to efficiently locate source data, enabling you to allocate employee resources to other jobs, thus negating the headache associated with new regulations.
Stay ahead of this new trend in internet data privacy, and make sure you have measures in place to deal effectively with the inevitable rise of ‘the right to be forgotten’.
-Written by Glen Jordan