Almost a year after the ominous GDPR regulation was passed in the EU, it\u2019s time to look back and measure its true impact. The ambitious and incredibly strict regulation was meant to bolster privacy and security for European citizens. It also promised to deliver more control over personal data, allowing citizens to outright delete their information if desired.<\/p>\n
Did it do that? What has changed between its rollout in May 2018 and now?<\/p>\n
\n
Throughout the course of 2018, things were pretty slow in regard to enforcement. It made sense, as companies needed time to get their ducks in a row. Many updated or established privacy policies and created advanced data tools to give their users more control. In that respect, GDPR definitely did push the digital landscape closer to where it needed to be.<\/p>\n
But a lot of those changes were superficial. Organizations did the bare minimum to comply with GDPR and interpreted the regulation narrowly. Many dragged their feet before taking action at all, which is exactly why fines are now being lobbed.<\/p>\n
Early in 2019, a German social media platform<\/a> was the first to be fined for non-compliance. Now, bigger fish are starting to fry, Google included<\/a>. It\u2019s clear that 2019 is quickly becoming the year of enforcement, which will encourage many organizations to start taking GDPR requirements seriously.<\/p>\n When it first launched, the regulation didn\u2019t change much. It seemed like more of an annoyance as many organizations and website providers implemented annoying privacy and data security pop-ups. Every new visit to a site was met with at least one distraction asking for user consent. As annoying as it was, it was still a step in the right direction and showed that these companies at least understood what GDPR meant, even if they weren\u2019t taking it seriously.<\/p>\n More importantly, the Irish Data Protection Commission (DPC) has grown in size \u2014 including more staff \u2014 which means they have more resources to devote to incoming complaints. That\u2019s significant because many of the tech giants have their EU headquarters stationed in Ireland, including Facebook, Twitter, Microsoft, LinkedIn and even Google. Complaints that come in about these companies are being reviewed faster and taken into account, which means we\u2019re going to start seeing a lot of the repercussions hitting hard.<\/p>\n Fines aside, Graham Doyle, Head of Communications at the Irish DPC, says they would much rather work with companies to get compliance right<\/a> the first time. \u201cWe take a twin-pronged approach to upholding GDPR: enforcement and engaged supervision.\u201d<\/p>\n Doyle goes on to explain the difference. \u201cEngaged supervision is where we engage with organizations, consult on personal data-related legislation, and with companies regarding their new products. Basically, when we engage with organizations, we try to assist them in getting it right from the beginning.\u201d<\/p>\n So it\u2019s not necessarily about punishing everyone and everything. It\u2019s about building more awareness of user privacy and security and incorporating that practice as a design element of new products and services. Companies that handle incredibly sensitive data are, understandably, seeing the biggest impact. The asset and wealth management industry<\/a> is a great example, as many organizations within its purview struggle to comply.<\/p>\n Not long after the regulation went active, many US-based sites blocked access to EU citizens<\/a> altogether to avoid problems. Rather than update their sites to meet modern demands, they simply bowed out of the equation. Not only does it show a disregard for preserving privacy and security, but it shows that many organizations are unwilling to deal with the requirements and demands. It does make you wonder what will happen if and when the U.S. adopts a similar form of regulation. Over time, that list of blocked sites has continued to grow.<\/p>\n In addition, the use of third-party cookies across many different websites \u2014 news sites especially \u2014 decreased in the wake of GDPR. The decrease is an estimated 22 percent drop<\/a> according to the Reuters Institute for the Study of Journalism.<\/p>\n Finally, there\u2019s been a widespread loss of trust in supply chain partners from marketers and distributors. GDPR raised many questions in regard to liability, leaving the onus on marketers if a third party is not in compliance. While it\u2019s great that organizations are now taking responsibility for how they handle data and privacy measures, we definitely need to see more placed on other parties involved in regular operations, including some of those exempt third parties. How or even if this will happen remains to be seen.<\/p>\n For now, we\u2019ll have to continue to keep an eye on how the regulation is impacting the world at large \u2014 the change is certainly not over.<\/p>\n","protected":false},"excerpt":{"rendered":" Almost a year after the ominous GDPR regulation was passed in the EU, it’s time to look back and measure its true impact. The ambitious and incredibly strict regulation was meant to bolster privacy and security for European citizens. It also promised to deliver more control over personal data, allowing citizens to outright delete their information if desired. Did it do that? What has changed between its rollout in May 2018 and now?<\/p>\n","protected":false},"author":217,"featured_media":4253,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[187],"tags":[95],"ppma_author":[1745],"class_list":["post-1601","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bigdata-cloud","tag-big-data-amp-technology"],"authors":[{"term_id":1745,"user_id":217,"is_guest":0,"slug":"nathan-sykes","display_name":"Nathan Sykes","avatar_url":"https:\/\/www.experfy.com\/blog\/wp-content\/uploads\/2020\/04\/medium_5b077b8d-d190-4522-a96a-8144badf183b-150x150.jpg","user_url":"https:\/\/www.findinganoutlet.com\/","last_name":"Sykes","first_name":"Nathan","job_title":"","description":"Nathan Sykes is founder and editor of\u00a0\u00a0Finding an Outlet<\/a>, a platform for the latest news and trends in business technology.\u00a0"}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1601","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/217"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=1601"}],"version-history":[{"count":2,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1601\/revisions"}],"predecessor-version":[{"id":29038,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1601\/revisions\/29038"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/4253"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=1601"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=1601"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=1601"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=1601"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}We\u2019re Starting to Feel the Effects<\/h2>\n
What Has It Changed?<\/h2>\n