• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

2

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster

3

Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place

1

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

2

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster

3

Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Commentarydata privacy

Commentary: These New Regulations Could Transform U.S. Corporate Titans

By
Peter Zaffino
Peter Zaffino
Down Arrow Button Icon
By
Peter Zaffino
Peter Zaffino
Down Arrow Button Icon
February 6, 2018, 4:02 PM ET
Add Fortune on Google for similar content.

If you follow the breathless coverage of the recent stock market swings, you might imagine that CEOs are glued to their TV sets and refreshing stock tickers by the second. But strategic leaders understand how to separate the signal from the noise, and corporate executives I talk to are far more interested in the macro trends that will impact the global economy—and their companies—throughout 2018 and beyond.

One of these major, game-changing trends will hit the business world on May 25, 2018, when the European Union (EU) will begin enforcing the General Data Protection Regulation (GDPR), a comprehensive and aggressive approach to the increasingly complex challenge of protecting consumer information.

GDPR will codify data protection rules for all companies that collect data from EU citizens while greatly expanding individuals’ control over how and when their personal data is collected and used. And while the regulation is EU-based, it has global reach and implications. If even a single EU citizen visits the website of a company based anywhere in the world and data is collected on that individual, that company must comply with GDPR or risk severe penalization.

But it would be a mistake to think that the impact of these regulations will be limited to the tech titans. Gone are the days when one blanket opt-in can bind all users to broad data collection. Under the new rules, these companies will need to be much more specific about how they will use data and get permission for these specific uses.

But it would be a mistake to think that the impact of GDPR is limited to the tech titans. In the U.S. especially, where many companies are built on their ability to capture, sell, or leverage data to target individuals, the new regulations—which grant individuals the right to have their information deleted from databases under various circumstances—will force businesses of all sizes and kinds to dramatically rethink their data practices.

Companies that don’t comply face potential penalties of up to 4% of their annual global revenue or €20 million, whichever is higher. And with member nations ramping up their enforcement capabilities as we speak (the United Kingdom alone is hiring 200 enforcement staff), it is becoming clear that all companies, not just the industry giants, could be targeted.

Facing a new regulatory minefield, U.S.-based companies have a narrow window of time to assess their capabilities and vulnerabilities and address areas of concern. In the short time until GDPR implementation and enforcement begins, companies should pay particular attention to the four key components of the new regulation:

Breach reporting

U.S. state and federal laws have long required reporting of many types of data breaches, so this is not entirely new. But GDPR expands the definition of a breach, and mandates that authorities be notified within 72 hours—and if the controller determines that the breach “is likely to result in a high risk to rights and freedoms of individuals,” then affected individuals must be notified “without undue delay.” Companies will need to create an expectation among their cybersecurity teams to identify and report incidents much more quickly.

Consent

Getting individuals to check one box agreeing to a thousand words of terms and conditions is no longer acceptable by EU standards. The terms must now be written clearly, consent for each term must be gained separately, and consent must be renewed regularly. Records of consent must be auditable. Companies will no longer be able to rely on the fine print and must have privacy policies that are clear and consumer-friendly.

Access and correction

EU citizens will now have the right to know what information a company has gathered on them. The information must be produced electronically, and wrong or incomplete information must be corrected on request. This will require a new level of record-keeping and will make it harder for bad actors to hide consumer-unfriendly data usage.

Deletion

The “right to be forgotten” made headlines in the U.S. in 2014 when a citizen of Spain won a judgment that Google had to take down personal information about him. GDPR extends this right much further, requiring companies to delete even non-publicly shared data under a variety of circumstances. If the user asks to be forgotten and then a month later gets an email solicitation from that company, they can file a complaint. Following this regulation will be one of the most challenging aspects of GDPR.

Every company needs a plan that maps its data processes and data handling procedures, identifies gaps and actions needed to close those gaps, and prioritizes these actions based on risk. It is also critically important to have clear procedures in place so that if and when a vulnerability is determined, the company is prepared to communicate effectively to lawyers and government officials, as well as customers, employees, investors, and other stakeholders. Compliance officers should keep a very close eye on early enforcement efforts, as they will provide critical insight into how to allocate compliance resources going forward.

At the same time, there is no one silver bullet for becoming a GDPR-compliant organization. Because there is no history to study, all companies must start from square one. The key to success will be adopting the mentality that privacy—like user-friendliness and quality customer service—is a fundamental expectation to be integrated at every level of operations.

With just a few months to go before GDPR takes effect, perhaps the greatest fear is of the unknown. We know that GDPR will cause a fundamental shift in the way companies collect, manage, and utilize the customer data they collect. Yet many companies are waiting for the first shoe to drop in order to react. That’s a mistake. Now is the time to be proactive—for the good of the customer and the business.

Peter Zaffino is the CEO of general insurance and global chief operating officer for AIG.

About the Author
By Peter Zaffino
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Commentary

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Commentary

senate
CommentaryCongress
One rare bipartisan AI bill is moving through Congress. Here’s why it deserves to pass
By Neil Björkman and Betsy BrewerJuly 1, 2026
1 hour ago
I know how Gen Z can survive the ‘jobpocalypse’ because I built an AI company — in 2015
CommentaryCareers
I know how Gen Z can survive the ‘jobpocalypse’ because I built an AI company — in 2015
By Jeremy FainJuly 1, 2026
2 hours ago
mr
Commentary250 Years of Innovation
America needs 3.8 million manufacturing workers. This CEO has a blueprint to find them
By Mark RayfieldJuly 1, 2026
2 hours ago
usa
Commentary250 Years of Innovation
America at 250: why the Constitution was built to restrain government, not celebrate majority rule
By Steve H. HankeJuly 1, 2026
2 hours ago
t
CommentaryMedia
Netflix could turn NBC into its biggest bet yet — and this time, the math actually works
By Jeffrey Sonnenfeld and Steven TianJune 30, 2026
20 hours ago
wb
CommentaryLeadership
I grew BDO from $600 million to $3.4 billion. Here’s the 3-part formula that made it possible
By Wayne BersonJune 30, 2026
24 hours ago

Most Popular

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
6 days ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
4 days ago
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Success
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
By Sydney LakeJune 29, 2026
2 days ago
'Humanity has chosen to become idiots': This Brown professor switched to take-home exams after a mass shooting and discovered mass cheating
AI
'Humanity has chosen to become idiots': This Brown professor switched to take-home exams after a mass shooting and discovered mass cheating
By Catherina GioinoJune 29, 2026
2 days ago
The U.S. Army is opening military bases to private billions — here's why that changes everything for the next 250 years
Commentary
The U.S. Army is opening military bases to private billions — here's why that changes everything for the next 250 years
By Marc AndersenJune 30, 2026
1 day ago
The retired college professor fighting a $313 trespassing ticket in Wisconsin thinks he's part of a national struggle
Environment
The retired college professor fighting a $313 trespassing ticket in Wisconsin thinks he's part of a national struggle
By Catherina GioinoJune 28, 2026
3 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.