GDPR: Where are we now?

Chris Jones
By Chris Jones
25th May this year was D-day for the new General Data Protection Regulation.  
GDPR: Where are we now?
Since then, businesses have had plenty of time to get their ducks in a row and be compliant, so what are the after effects we’re seeing as a result?

Well as an internet user, you cannot seem to escape the various email notifications about updated privacy policies and nor can you seem to visit a website with being asked for your permission to collect cookies…

The good news though, is that many of us do now have a better understanding of what data businesses are collecting about us, where they are keeping it and what they are doing with it, so in many ways, GDPR seems to be working.

For the businesses collecting the data however, it’s not such a huge success story. While there was plenty of warning about the deadline for GDPR, many companies, including some very large, well-known ones, failed to act on GDPR until it was too late. As a result, complaints have already been made against Facebook, Instagram, Whatsapp (basically all Facebook companies) and Google in relation to forcing consent. Moreover, some news providers like the LA Times stopped allowing readers in the EU to access their content altogether rather than risking being in breach of GDPR, which while effective for avoiding the fines, basically proves their lack of preparation for the new regulations.

Although the 25th May seems like ancient history in today’s fast paced world, all in all we are still in a situation where the expectations of GDPR and the reality of GDPR don’t quite align and as a result there are still a few challenges that need meeting.

For example, many business are still struggling to action consumers “right to be forgotten” and for others, employing or identifying a Data Protection Office (DPO) is proving much easier said than done, mainly due to the in-depth IT and data protection law knowledge this individual needs to have. As a result, many businesses are outsourcing the role to third party firms such as Deloitte and PwC and even they may soon run out of hands to cope with all the demands of GDPR.

All in all though, the aftermath of GDPR has been positive for the end user and after all, that’s who the regulations were intended to protect. As a result, other countries are taking notice of GDPR and updating their own data laws to match. In terms of businesses becoming fully complaint with GDPR, well that one is a bit of a waiting game. Estimates suggest around 40% of UK business weren’t ready for the enforcement of GDPR on the 25th May and the chances are, until a well-known company gets fined, they may be unlikely to bother.
 
Our advice, get compliant and keep a close eye on GDPR, because it’s not going anywhere. If you need help with making your business compliant, talk to our experts today. It’s better safe than sorry and better late than never… don’t forget, the fines for being in breach of GDPR could be huge!

Dynamic Insights & advice