What can we expect in this new year 2022 in terms of privacy and data protection? Surely, anything but immobility. Perhaps it was a false feeling that after the entry into force of the European General Data Protection Regulation things would tend towards stability. That once this point of shared European legislation was reached, it would all be a matter of reaching the required levels of implementation and that for a long time the journey would be smooth.
It cannot be said that we are still in that maelstrom of the days of landing the new regulation, but calmly, the sector of privacy, information security and the protection of personal data, is not calmly. And what is visible in 2022 is no exception.
If it wasn't last year, we can venture to say that it will be one of the words of the new year: cyberattack. We have all learned that no one is out of risk in this regard. With the push for digitalization due to the pandemic, we have seen that the growth in cyberattacks has been brutal. And without focusing on specific victims, whether public bodies, technology companies or large corporations. It is no longer anecdotal or one-off. Therefore, perhaps we need to wait for legislative action to address issues related to ransom payments, their prosecution, new insurance or the elimination of large ransomware gangs. Transferred to the individual orbit, certainly, movements will also be needed regarding phishing, because who hasn't received an SMS, email or call in the last month trying to illegally obtain personal account data, cards or even fraudulent payment demands?
A second issue, which has already begun to move, is how to approach the nebulous world of cryptocurrencies. Since February, there will be specific regulation in Spain of the advertising of these crypto-assets. It is quite exhaustive and specifies a significant number of restrictions. Among others, avoid creating disproportionate or false impressions or expectations with the sole objective of encouraging the consumer to invest in the crypto-asset that is being promoted. And they should not be designed in such a way that they hide or omit data that could be used to make an informed decision for the investor. It is a complex environment and a space where scams can find very easy accommodation.
We will talk more about it. This is only referring to cybercrime, but the new challenges go beyond that.
