By Irvin Shillingford, Regional Manager for Northern Europeat Hornetsecurity
Without robust technical infrastructure and public education, even the best-intentioned regulatory efforts will fall short.
The backlash to age verification laws in Europe and North America shows that cybersecurity regulations can backfire if they overlook privacy concerns or the realities of online behaviour, potentially ending up with a counterproductive rise in identity theft, financial fraud, and overall data vulnerability.
Are new regulation changes unleashing unexpected cybersecurity risks?
The implementation of the UK age verification regulation stirred significant debate among cybersecurity experts and the public. Experts have expressed severe concerns about the growing use of VPN tools to bypass the mandatory identity checks now required for anyone seeking access to restricted online information in the UK. Many fear that the mandatory verification process is prompting people to adopt riskier workarounds.
This is not the first time people have rushed to download VPN tools in response to new, stricter regulations, and it’s very likely to continue. In recent years, there have been similar public responses to legislation in Europe and North America, such as the new age verification legislation in France, Florida’s online protection for minors act, and Canada’s Bill S-210.
Many people simply want the quickest and easiest route to their content. However, they should be fully aware that turning to unverified VPNs could open the floodgates and expose their personal information to serious cybersecurity risks, including identity theft and data breaches. All of these would also grant cybercriminals the opportunity to unleash harmful viruses with immeasurable loss.
As online regulations are becoming stricter, there has been a continuous ripple effect on nearly everyone, reshaping the ways we access information in daily life.
Building trust through smarter systems and informed users
Securing data handling practices and reducing reliance on third-party systems are the most essential steps going forward. Before new regulations are officially introduced, authorities should test not only their technical feasibility, but also how the public is likely to respond so as to define the best way forward.
The age verification rollouts offer a clear lesson. When implementing change, communication is key. Instead of simply pushing the regulation implementation from top to bottom, it is important to communicate openly, explaining what data will be collected, how it’s handled, and who can access it.
After all, data privacy and third-party participation are the major concerns for most people. Therefore, transparency and independent oversight will help build public trust towards new regulations. One’s hesitation to upload their driver’s license isn’t just about convenience – it’s about the confidence in the infrastructure operating behind it.
In retrospect, people tend to look for workarounds when they feel confused about systems. Policymakers are responsible for improving procedures and systems, such as streamlining verification processes without compromising security.
Another crucial aspect that demands attention is widespread awareness training, which is vital for long-term public cooperation with new regulations. Adopting a zero-trust approach will establish an initial defence by applying extremely strict restrictions to protected information, safeguarding personal data from hackers in the rapidly evolving digital landscape.
A mutual interconnection between cybersecurity and regulatory changes
Indeed, the relationship between regulatory changes and cybersecurity is a constantly evolving feedback loop. Cybersecurity threats are the catalysts for new regulations, reminding policymakers to implement stronger legal frameworks. In turn, these regulations help establish higher security standards and promote accountability across industries.
This dynamic exchange benefits individuals, organisations, and governments, as each gains valuable insights from their own perspectives. Understanding the mutual interconnection is essential for policymakers, businesses, and the public to ensure a safer and more resilient cyber landscape.
As technology advances rapidly, regulations must remain agile and forward-looking, which means taking innovation and data protection into consideration at the same time. Collective responsibility is essential to balancing cybersecurity with regulatory changes, bridging compliance and proactive defence, and building lasting trust between lawmakers and the public.
Irvin Shillingford joined Hornetsecurity at the beginning of 2023 as a regional Manager for UK, Benelux, and Nordic regions, bringing more than 30 years of experience growing cyber and software solutions at key businesses. He has held several senior leadership roles running business development teams while successfully leveraging the channel to reach mutual growth goals.
