GDPR Trolls

Patent trolls are not a new phenomenon. They buy patents for the sole purpose of extorting and suing companies. Since patent-related litigation proceedings are complex and time-consuming, the fees for defending a patent claim in court proceedings may exceed one million U.S. dollars. Therefore, many legitimate companies (especially startups) prefer to pay the requested settlement fees instead of defending their rights. According to CNN, just within the period 1990 – 2010, patent trolls cost investors 500 billion U.S. dollars.

Patent trolls can target a limited scope of companies, namely, companies using patented inventions. For example, they cannot target a company that does not use any patented inventions, and its only online presence is a simple website containing an online contact form and information about the company. However, there is a new EU data protection law that will open the door to a new type of trolls. The law is called the General Data Protection Regulation (GDPR), and the new type of trolls can be called GDPR trolls. The GDPR requires organizations collecting and processing personal data to take various organizational and technical security measures to protect such data. It applies to all organizations (also non-EU based) that target EU residents and/or collect personal data of EU residents.

The GDPR trolls can be divided into two categories, namely, GDPR trolls using automatic systems to detect websites that do not comply with the GDPR (see Section 2) and GDPR trolls attacking large companies (see Section 3) and hoping that those companies will agree to pay large settlement fees. These two types of trolls will be examined in more detail below.

Certainly, even after the widely advertised entry into force of the GDPR (the law become effective on 25th of May 2018), many organizations located all over the world (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Daniel Dimov. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/G1OqYIQNf_A/