Sovy recognised by KuppingerCole Independent Analysts More Info
  • Home
  • |
  • Log In
  • |
  • Contact
  • |
  • 0
Sovy
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us

Data Privacy News

May 24, 2019

GDPR Turns One

padlock

In a few weeks, the GDPR will crawl out of infancy to take its first shaky steps of toddlerdom. One year on, what does the GDPR have to say for itself?

The Buzz

For a dry piece of data protection law, the GDPR has generated an immense amount of chatter. In 2018, GDPR had 300,000 media mentions worldwide (compared to 100,000 for Mark Zuckerberg, for example), and Google ranked its birth trendier than both Beyoncé and Kim Kardashian.

Individual action is a critical part of the GDPR’s enforcement model, so one would hope that this awareness would translate to better compliance efforts. Luckily, that seems to be the case. Individual complaints to Data Protection Authorities about GDPR violations neared 100,000 in January, leading to over 200 formal investigations. While it’s hard to say whether 100,000 is a high number or a low one, it’s certainly higher than it was before the GDPR. That’s good enough for me to tentatively say that the GDPR has made people more aware of and empowered to exercise their data privacy rights.

The Babble

On the other hand, the GDPR buzz hasn’t always led to individual enlightenment. False rumors and paranoia have led many astray. In Ireland, some schools have banned parents from taking pictures of their children at school events “because GDPR”. (Note: it’s most likely ok to take pictures of your kid and others at school events, provided you’re not using other kids’ pictures for commercial purposes.) From the corporate side, many companies are over-relying on consent as their lawful basis for processing when they probably shouldn’t, which increases the burden on both the company and the consumer.

The Teeth

From a business point of view, the GDPR has made a notable impact on data breach notification practices. During the first 8 months, over 59,000 data breach notifications were reported by organisations across the European Economic Area. The Netherlands, Germany, and UK led the EEA with about half of the total breach notifications. (When adjusted per capita, Ireland ranks second and Greece, Italy, and Romania are at the bottom.) This jump in data breach notification marks significant progress for corporate compliance and transparency with the public and the government.

The GDPR has also made a significant impact on regulatory environment across the world. 23 of the EU-28 countries have implemented the GDPR into their national laws, and countries such as the U.S. (California Consumer Privacy Act), Canada (PIPEDA), and Brazil (LGPD) have used the GDPR as a model for updating their data protection laws.

The Gums

While individual complaints and data breach reporting have increased, Data Protection Authorities (DPAs) have gotten off to a slow start in terms of fines and penalties. To date, DPAs have issued €56 million in fines for over 200,000 cases, which feels substantial until you realise that almost all of it comes from a single instance. (French DPA CNIL fined Google €50 million in January.)

Finally, despite the general positive outlook, the fact remains that over 50% of regulated organisations are still not GDPR compliant. In fairness, the GDPR imposes many changes to businesses’ operational and technical infrastructure. But at the same time, citizens and DPAs are mobilising enforcement process at an unprecedented pace, so organisations would do well to kick their compliance programmes in gear.

How Sovy Can Help

The Sovy GDPR Privacy Essentials provides you with the tools you need to help your SME get compliant and stay compliant with the GDPR. Choose a package to suit you, or upgrade today to access all of our tools.

GDPR
Previous StoryWhat is the California Consumer Privacy Act (CCPA)?
Next StoryWhy are organisations still struggling to comply with the GDPR?

SEARCH

CATEGORIES

  • 2020 (13)
  • CCPA (5)
  • Charities (1)
  • Coronavirus (3)
  • COVID-19 (3)
  • Events (1)
  • GDPR (51)
  • Google (1)
  • New Bytes (34)
  • News & Blog (48)
  • Opinions (25)
  • Workplace Conduct (1)

TAG CLOUD

2020 BEUC Brexit CCPA Charities China CJEU CNIL cookies coronavirus COVID-19 cybersecurity data breach data privacy data protection DfE DPC EDPB Facebook fine fines GDPR Google guidance H&M IAPP ICO LGDP LGPD mark zuckerberg Marriot marriott Microsoft notification online education oracle PIPEDA privacy shield salesforce Schrems II tik tok Uber UK US vodafone italy

ARCHIVES

  • February 2021 (1)
  • January 2021 (3)
  • December 2020 (4)
  • November 2020 (4)
  • October 2020 (4)
  • September 2020 (1)
  • August 2020 (1)
  • July 2020 (2)
  • June 2020 (3)
  • May 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • February 2020 (1)
  • January 2020 (3)
  • December 2019 (3)
  • November 2019 (1)
  • July 2019 (3)
  • May 2019 (3)
  • March 2019 (2)
  • January 2019 (3)
  • December 2018 (3)
  • November 2018 (2)
  • September 2018 (1)
  • July 2018 (1)
  • June 2018 (2)

LATEST POSTS

  • Tik Tok Accused of Noncompliance with the GDPR
  • EDPB launches guidelines on Examples of Data Breach notification
  • GDPR at the End of 2020
  • The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)
  • CNIL fines Google LLC and Google Ireland with a total of €100 million for Using Cookies illegally

QUICK LINKS

  • About Us
  • Resources
  • Privacy Policy
  • Terms
  • Manage Consent
  • Contact Us

Sovy GDPR Privacy Essentials

  • Subscription Benefits
  • Pricing
  • Log in
  • GDPR for Small Businesses
  • GDPR for Enterprises
  • GDPR for Sole Traders
  • GDPR for Charities

SOVY LOCATIONS

Ireland HQ

Registered Office
St Gall's House
St Gall Gardens South
Milltown, Dublin 14
D14 Y882

Trading Office
Meath Enterprise Centre
Trim road, Navan
Co. Meath, C15 TKX6
Ph: +353 (0)1 669-4774

Brussels

Rond-Point Schuman 11
1040 Brussels
Belgium

London

Registered Office
Kemp House
152-160 City Road
London EC1V 2N

Trading Office
9-10 Staple Inn
2nd Floor
London WC1V 7QH

New York

NY Metropolitan Area
2037 Lemoine Ave
Suite 452,
Fort Lee, N.J. 07024, USA

ASSOCIATIONS

Copyright © 2020 Sovy Trust Solutions Limited. All Rights Reserved. Registered in Ireland, No. 610835 and No. 605069