Many organizers of congresses and events, who have long insisted on holding events on site, now choose digital or hybrid models for internal and external communication. What many decision-makers are not aware of: Many tools do not comply with the DSGVO or GDPR standard and therefore often harbor security risks.
In this guest article, Julius Thomas, CEO of 3Q, explains which important aspects are important here and how companies find the best possible solution for the respective project.
Why should I pay attention to DSGVO or GDPR?
Since May 2018, the GDPR has always been cited. This does not work, that one is not compliant and have you already checked your website for GDPR? Some clever minds feared the demise of the Internet, as we knew it before the new data protection regulation. Today it turns out: Everything is not so bad! To put it very simply, the European governments have made many adjustments to make it more difficult for companies to resell or misuse European data sets. The GDPR, also known internationally as GDPR, represents a German-language basis and mandatory guideline for data protection.
All companies within the EU are obliged to follow data protection rules. The only goal is that users should know exactly what is happening with their data – but above all with whom the data is shared. However, the GDPR only applies if the company’s headquarters are in the EU. This means: software providers for whom this does not apply may not be GDPR compliant. Now to the question, which at the same time also shows the problem: Which tools do you use in your everyday work and which data do you share about them?
“Domestic quality” does not only apply to food
Let’s look at the example of a bank holding a conference with all department heads. For this, materials, customer data and perhaps even one or the other evaluation of internal figures must be presented. There is also a training video that also contains real customer data. Now imagine that you are the planner(s) of the conference and are asked to name a tool that will make everything run smoothly. The solution to the problem scenario is often Microsoft Teams, Google Meet or Zoom. Not necessarily the best choice if you want to ensure the live stream and training video stay on EU servers.
Many of the video meeting and video streaming tools forward the data to servers outside the EU. So once your content leaves the EU, different rules apply to each and every byte that crosses the border. This poses a major challenge, especially for companies with a lot of sensitive data. After all, those responsible do not want to worry about whether there could be pitfalls lurking in terms of data protection during the live presentation. The problem is – fortunately – not unknown: some streaming providers have specialized in offering companies with sensitive data an alternative for secure video solutions.
So you just have to pay attention to the company headquarters?
Since the main criterion for GDPR compliance is the location of the respective company, one might think that everything is settled. Unfortunately it’s not that simple. With all digital solutions, it also depends on the country in which the servers are located through which your content is distributed. These servers are often not operated by the company itself, but rented from external companies. A provider can have its headquarters in Germany and still store all data on American servers. The GDPR applies to data that such a provider processes internally, but there is no regulation for data on the servers.
So pay particular attention to video technology providers with EU servers. In addition, it never hurts to check the respective providers for seriousness, e.g. the transparency of server structures and content delivery networks. The latter are used when a large number of international viewers watch the live stream. Video streaming providers specializing in GDPR compliance will be happy to give you this information – and who knows? Now that you know which criteria are important for your next events, you may even voluntarily take on the planning to be on the safe side.