Data protection in the 21st Century has evolved to become a global concern of increasing complexity, driven by the exponential growth in valuable information that must be safeguarded from corruption or compromise. This complexity is worsened by the global exchange and processing of data, which transcend institutional, national, and government jurisdictional boundaries.
For some context, internet searches today can originate from one country and be processed by servers located in different countries. Consequently, data security has become an essential strategy for every organization handling any form of data as countries are also now keen on data protectionregulations.
However, legal and regulatory frameworks are rooted in territorial boundaries and jurisdictional limitations posing a major problem for multinational businesses involved in the processing and transfer of data. Europe has tried to bridge this gap by adopting a more consolidated approach through the EU Data Protection Directive. But the implementation of this directive varies significantly among its 27 Member States.
For instance, nearly every state has enacted its own data security breach notification laws. Obligations related to the content of breach notifications, as well as whether the company has to notify regulators, state attorneys general or credit bureaus vary significantly.
Different countries and regions have distinct obligations and enforcement mechanisms under their respective data protection laws. Inconsistencies in enforcement and interpretation can even exist within a single country. Companies are sometimes confronted by additional challenges of relying on standards and codes not enshrined into law as some jurisdictions may lack formal laws.
Businesses, including equipment manufacturers like Huawei and its corporate customers, grapple with a fragmented landscape of laws and regulations that does not only vary geographically but also by subject matter. This regulatory environment imposes obligations related to surveillance and interception, which directly affect industry standards.
As laws evolve, hardware and software must be modified to reflect the new legal requirements. Companies face additional challenges given that laws are by no means static Therefore, ICT equipment manufacturers like Huawei must continuously adapt their hardware and software to meet evolving legal requirements.
Huawei recognizes the need for a coordinated international approach to data protection and cybersecurity principles. Such an approach would enhance global data protection standards, eliminating the challenges faced by vendors, service providers, and corporations in applying inconsistent standards across different countries.
The company is firmly committed to compliance with all applicable laws and regulations in every jurisdiction it operates in and will take necessary actions to adhere to international sanctions and local laws when required.