GDPR-based extortion is a dangerous myth

After the third body, the series of murders becomes less “mysterious” as we are getting hints of a dodgy business deal (a house, or a painting) or a guilty family secret from over 20 years ago. Someone has been blackmailing someone else over this, rather than solve the issue or go to the police. This detective story trope must be plaguing the minds of some GDPR story writers at the moment – forgetting that the blackmailer is usually the 3rd if not already the 2nd murder victim.

Looking to feed the nervous sentiment over the upcoming GDPR, or hunting for follow-up threats to cryptoransomware, the information security trade press is currently producing many stories about GDPR extortion. These stories are not just presenting extremely unlikely scenarios, but by their prominence they actually introduce an unnecessary risk.

Emphasis member Eerke Boiten responds to these stories with an article in Computing.