LIVE FROM GSMA MOBILE 360 SERIES – PRIVACY & SECURITY: While describing it as an “amazing execution of law making”, Christoph Steck, Telefonica’s director of public policy and internet, said the EU’s General Data Protection Regulation (GDPR) may not be able to keep up with an ever-changing industry.

He said the GDPR, which by May 2018 will require companies across the EU to up the security on how they collect and use personal data, echoes the operator’s own sentiments of empowering consumers, giving them transparency and choice.

However, Steck expressed concern companies not based in Europe, but which deal with EU citizens, will have to abide by the regulations, which he noted could become chaotic, especially if all countries come up with their own rules.

He also believes politicians need to work to create a guideline with flexibility build into it, “otherwise it could be very hard to regulate markets that reinvent themselves every year”.

Meanwhile, Ondrej Vlcek, EVP and GM of consumer business at security software company Avast, said the regulation is a good start and was much needed because the old legal framework was outdated, but cautioned it is not going to be sufficient.

Vlcek also said the onus for security lies with businesses, as consumers have “better things to do” than educate themselves.

This, he argued, is proven by the fact security firms have been warning users for years about not clicking on email links from sources they don’t trust, yet people continue to do so.