There is no question that when the General Data Protection Regulation (GDPR) was enforced by the European Commission (EC) on the 25th May 2019 it shook up the corporate world. Consumers are becoming more aware of the handling of their private and personal data and more and more businesses are being held accountable for private data misuse. GDPR is, perhaps, the most elaborate and corporate-defining, set of regulations that the business world has experienced in the 21st century. As the world continues its journey within the digital world, a technological age, regulations such as GDPR are starting to parallel basic human rights, akin to rights such as Freedom of Speech. Our data-driven world requires more understanding and precautions over our personal data and GDPR, for just over a year now, has been enforcing just that. It is important to deliberate and acknowledge how far GDPR has already taken us and what lies ahead.
Understandings & Reflections of GDPR
The unsurprising initial 'noise' of GDPR is starting to quiet down as we move to a more implicit understanding and a greater acknowledgment of the regulation. But what have the outcomes of GDPR been in this last year?
1. Black & White Understanding
If we have learnt anything from GDPR since its enforcement, it is that it provides clarity over who serves it, who it applies to, what enforces it and penalties for incompliance. Business has undergone a major data-driven transformation in the last decade and now, with the help of GDPR, consumers can now begin to understand their rights over their own private and personal data. Data-privacy is becoming an ingrained concept, a right, into our everyday lives, bolstered by the amount of data that consumers interact with, whether it is on social media, buying insurance or practically anything you do in your day-to-day activities. In the last year there have been over 95,000 complaints issued by consumers in relation to GDPR incompliance which highlights that the everyday consumer is becoming more aware and educated to their individual rights of data-privacy and data-control.
2. GDPR`s Muscle Flex
Although GDPR is something that goes on in the background, its repercussions can be disastrous for both small companies and large. The impacts of incompliance aren`t limited to fines, but you may also receive financial sanctions, and, perhaps the most effective drawback, reputational damages. As consumers become more aware of the rights concerning data-privacy, they are less likely to get into business with companies that carry a poor reputation for looking after client data. The EC have pushed fines to companies amounting to "20 million or 4% of global revenue “ whichever figure is higher. Moreover, some of the most notorious financial penalties have recently been handed out to some of the biggest companies in the world, such as Google in January 2019. Google were fined a hefty amount of 50 million by the French National Data Protection Committee, GDPR has proved to the corporate world that no one, no matter how big, is excused from complying with the regulation. The fact that no company can hide from the effects of the General Data Protection Regulation enhances the fact that data-privacy is becoming and has become a norm in society, a core value of human rights and an overall protection of private data.
Where is GDPR heading to next?
GDPR punishes all incompliance and leaves no one to spare. Is it rampaging on to become a tyrant or will the regulation quit while it`s ahead? The good news is that GDPR is out to protect consumers and will hold all accountable for incompliance, naming and shaming as it goes along. The future of the regulation will show it maintaining its current state, providing fines, financial statements and the ever-so disastrous reputational damages that it bears. However, for companies, this means that there will be more of these repercussions until the safety of consumer data can be assured. Our data-driven world will attempt to engrave GDPR into it as natural law, a natural right of each individual and the effects for incompliance are as big as the statement it holds. The European Commission has set a solid precedent in their iron fist approach against incompliant organisations in hope to breed a corporate society of greater legitimacy and trustworthiness. GDPR is trying to create a better future for businesses and consumers to act upon, for consumers to healthily put their trust, their data, into legit and compliant companies.
Cedar Rose is pro-GDPR and since its enforcement in May 2018, we have stayed on top of the necessary policies and regulations to ensure we conduct business legitimately. Companies and consumers have trusted us with their data for over 20 years; we acknowledge them and owe them their privacy in any way possible. We have our Data Protection Officer (DPO) who keeps up with the current affairs of GDPR and makes sure that our company complies with what is necessary. We want to create a friendly and inviting opportunity for our consumers to take part in, a company you can trust with your more sensitive data. We understand the importance of GDPR and wholeheartedly comply with the regulations. We are the go-to data-driven company for the Middle East and North Africa.
But like all companies, we can`t just sit back and say we`ve checked all the boxes, it`s so important to stay abreast of new rules and regulations around business, data and privacy, so do watch out for the proposed EU ePrivacy Regulations possibly coming soon!
See some of our other articles such as `Corruption: Steps to Prevention & Avoid Potentially Harmful Risks`
*** The sole purpose of the article above is to generate public discussion, it has no intention to constitute legal advice. ***