GDPR requires all companies doing business in the EU to inform users what data is being collected and how it will be used, to protect that data, to exercise transparency when breaches occur, and to remove user data completely if requested. As with all compliance legislation, failure to comply results in considerable fines.
Today, most commerce is global, requiring diligence in complying with the regulation across the globe. Affected organizations have two choices:
- Treat all users in a secure, private manner
- Have a completely segmented data flow for EU and non-EU customers (a more expensive option)
Static analysis is a solution for improving the security and privacy of user data, ultimately supporting a security-by-design approach.