The first anniversary of the EU’s General Data Protection Regulation (GDPR) is May 25. Nearly one year later, have the stricter rules really made a difference for marketers and consumers?
Consumers are definitely seeing a lot more pop-up privacy notices online thanks to GDPR, but the astronomical fines the new regulations threatened haven’t surfaced as of yet, reports CNBC.
GDPR gave individuals in the EU much greater control over the data, including the right to demand that companies reveal how their data is being used, and to ask corporations to destroy their data. But as Laura Jehl, a partner at law firm BakerHostetler told CNBC, consumers are often confused about how they can take advantage of the new laws.
“In the beginning, a number of [EU] regulators informally said ‘we know you guys aren’t ready for GDPR, and to be honest, we’re not really ready either,’” said Jehl.
That grace period will likely end soon, and companies will start to see enforcement begin, said Odia Kagan, chair of the GDPR compliance program at Fox Rothschild.
You May Also Enjoy:
- Why GDPR Can Improve Your Email ROI
- Data Privacy Concerns on the Rise: Report
- Complying With California’s New Privacy Laws
“The higher fines are very likely going to be in connection with very large companies with very complex structures,” said Kagan. “We haven’t seen them because they aren’t done yet.”
Indeed, the majority of the EU’s regulatory agencies simply aren’t equipped with enough staff to deal with GDPR. “I still feel like unless there is a very significant increase in staffing, they are probably going to have to pick and choose the enforcement actions that they bring,” said Kagan.
Some retailers have been reluctant about getting in line with GDPR, due to both the cost of compliance and a fear of losing data essential to their business, Lucas Wojcik, CISO at Productsup said in a Q&A with Digital Journal.
“Many retailers don’t have a good understanding of the GDPR requirements or know how to implement changes into their processes to achieve compliance,” said Wojcik. “Rather than allocate the money and time to ensure their companies are abiding by the regulations, retailers would rather run the risk of exposing themselves to a breach.”