While the GDPR is often criticized for all the rigidity and constraints it brings, the CNIL wishes to demonstrate that this regulation also has positive effects on the French economy.
Indeed, according to a recent CNIL study on the economics of cybersecurity and the benefits of the GDPR, it would have saved several million euros in France.
90 to 219 million euros in losses avoided
In the latest CNIL study published on the GDPR, the organization focuses in particular on identity theft, a phenomenon that affects 200 000 people each year in France according to figures from the Ministry of the Interior.
According to the organization's estimates, the losses avoided thanks to the data protection imposed by the GDPR would have prevented numerous identity thefts that could have caused between 90 and 219 million euros in losses in France, and between 585 million and 1.427 billion euros throughout the European Union.
Finally, it should be noted that to arrive at these statistics, the CNIL focused in particular on a Oxford Academic study from 2018 that already estimated the costs caused by cybercrime. However, the organization admits that these figures remain very theoretical, and that it remains difficult to estimate the direct and indirect costs of cybercrime.
82% savings for businesses
While compensation for identity theft is often transparent to users, it often results in significant expenses for the companies concerned.
According to information published by the CNIL, the savings made thanks to the GDPR would benefit businesses in 82% of cases. But while this has been beneficial to organizations, it should also be noted that the arrival of the GDPR has encouraged many of them to train in cybersecurity.
In 2015, according to the Commission, only 14.2% of companies in France with 10 employees updated their security protocols, before climbing to 18.3% in 2019. And while this figure has been falling since 2022 to 12.1%, this new study could encourage companies to invest more in the security of their infrastructures.
Artificial intelligence, a new challenge for the GDPR?
In its study, the CNIL adds that these figures do not take into account the impact of the GDPR on ransomware, computer viruses, or even botnets that have been avoided thanks to preventive actions.
But while 40% of French companies are said to suffer cyberattacks each year according to Statista, artificial intelligence is facilitating the development of new cyberattacks.
For organizations that are not taking all the necessary measures to comply with the GDPR, as for others, this could involve massive new investments to guarantee user protection.
0 Comments