GDPR impact … 6 months on

gdpr, gdpr compliance, 2018. 2019





















There is no doubt that GDPR launched us into a new era when it came into effect in the EU on May 25th 2018, requiring us to toughen up policies and safeguards when it comes to dealing with privacy and data protection.

There was much speculation ahead of the deadline about just how seriously businesses were taking the change and how much work they had put into ensuring they were compliant when it became law. It also prompted a great deal of fear, stress and anxiety as businesses tried to cope with the pressures of being ready in time.

We are now six months into GDPR … so what sort of an impact has there been so far?

There is no doubt GDPR has created a greater awareness on the way we need to operate to keep data secure. This has had a positive impact with companies giving more thought to the way they collate, store and use information.

We saw a lot of activity ahead of the May 25th deadline with a barrage of permissions being sought by organisations who held personal information – many from groups known to the recipient and many from those they knew nothing about. It can certainly come as a shock to know just how many different organisations store your data.

Post-deadline there has been a steady reduction in the amount of GDPR traffic but it is important to recognise the need to remain on alert and maintain all the necessary steps to be GDPR compliant. The consequences of pushing GDPR to the back of the mind or assuming you conform to the new laws are something that could cost you dear in the future.

There has been a differing approach by businesses to the way they interpret the new law, some doing it the ‘right way’ by requiring a definite opt-in to continue the relationship and providing a clear understanding of data they collect and how it will be used.

Others go with the assumption you’ve opted in if the company hasn’t heard to the contrary within a specific time limit. It will be interesting to see how these different policies will play out moving forward.

And it isn’t just the EU that has been affected by GDPR

Some companies outside the EU took the decision to “block” the member states meaning they wouldn’t collect personal data from those countries – but any company with some sort of operation within the EU must still be GDPR compliant.

Massive organisations like Facebook and Google have had to take GDPR into account with Google reportedly working on the issue for at least 18 months before the deadline. The company recognises the challenges and is still working closely with regulators and partners to ensure they get it right.

Facebook said GDPR was to blame for the loss of about a million monthly active users across Europe since the law change and claimed the new regulation has been partially responsible for a reduction in advertising revenue growth within the EU.

There are also concerns about the negative effect GDPR will have on the fight to tackle cyber crime, with the information concerning contact details and email addresses of any person registering a domain name now required to be removed. This is leading to greater difficulty in identifying owners of illegal websites who are carrying out malicious activities.

Six months in and the dust really hasn’t settled quite yet. There are interesting times ahead and it may be some while before we can accurately assess the effects of GDPR.

To check whether you are complying with the new law, feel free to telephone us on 01743 290588 or email katy@pcnetsolutions.co.uk