Mark Stephens Mark Stephens has been working with Java and PDF since 1999 and has diversified into HTML5, SVG and JavaFX. He also enjoys speaking at conferences and has been a Speaker at user groups, Business of Software, Seybold and JavaOne conferences. He has a very dry sense of humor and an MA in Medieval History for which he has not yet found a practical use.

3 ways that the European Union is changing the way Companies write software in 2018

1 min read

EU flag2018 sees the introduction of a new law after a 2 year transition period. The General Data Protection Regulation will have an impact on any companies selling into any European Union country (regardless of their location). These rules have teeth and the full  weight of the European Court of Justice behind them. Failure to comply could result in fines of 4% of global turnover or €20 million.

Given the size of the EU market (and the undesirability of having different versions of a product for different regions), many companies will make it their default as well.

A key aim of the new rules is to establish a common standard across all EU markets, and the focus is on how companies obtain and store data and what they can do with it. The EU says it is about giving consumers control over their data. This has lots of profound implications but I would like to highlight 3 specific items in this post.

Where you software is physically located will matter far more in 2018

Many products and services now run on the cloud or the data centers. The exact location is going to matter far more as Companies show they are complying with these rules by keeping data in the EU or avoid being impacted by these rules if they are otherwise not linked to the EU markets. Location is already becoming a politically complex issue with several governments seeking potentially more power over their access to data while seeking to reduce the potential of other states to access data.

You can make far more limited assumptions about permission in 2018

Websites already need to ask far more permissions to use cookies and track users. This is going to make developing software much trickier as there will be a conflict between the desire to extract and mine as much data as possible versus the need to comply with these new laws. We will doubtless see some court cases before it is clear what the laws actually mean.

Client Data security is going to be much more important

A key requirement of the new laws is to ensure data is kept securely, so that even if main systems are hacked, the data is not easily obtained. There have been too many embarrassing cases where hackers broke into systems and took easily accessible information which was not secured. So more and more systems are going to use Strong encryption as standard in all systems to ensure all data is secure.

This is actually the reason behind the theme of this months blog post on security and encryption.

The PDF file specification already offers the option to encrypt PDF files using AES encryption. At IDRsolutions we are extending this to ensure that any local data our software creates (cached copies of images from PDF files, etc) will be heavily encrypted as default if the user gives us a password. Without the password (which we never store and the user provides), any local data will be encrypted garbage. This will help our customers to ensure they are meeting the new requirements.

How are you getting ready to meet the challenges of the new regulations?

IDRsolutions develop a Java PDF Viewer and SDK, an Adobe forms to HTML5 forms converter, a PDF to HTML5 converter and a Java ImageIO replacement. On the blog our team post anything interesting they learn about.

Mark Stephens Mark Stephens has been working with Java and PDF since 1999 and has diversified into HTML5, SVG and JavaFX. He also enjoys speaking at conferences and has been a Speaker at user groups, Business of Software, Seybold and JavaOne conferences. He has a very dry sense of humor and an MA in Medieval History for which he has not yet found a practical use.

Leave a Reply

Your email address will not be published. Required fields are marked *