GDPR after 2 years

Technology is evolving at a much faster pace than many of us might have anticipated. These advancements also brought concerns about individual privacy.  One of the goals of the General Data Protection Regulation (GDPR) was to give European data subjects more control over their personal data. To what extent can we ensure that these privacy rights are observed?

Today, almost 2 years after the GDPR was introduced on the 25th of May 2018, we benefit from a system which is protecting our privacy in the more transparent manner. Now all companies, big or small, are legally obliged to have in place an ongoing GDPR compliance programme that includes employee training.

There is no doubt about the effectiveness of GDPR if we consider the significant number of data breaches that have become public as well as the increasing number of sanctions. The UK Information Commissioners Office (ICO) fined British Airways £183 million and Marriott Hotel chain £99 million under the GDPR for not keeping customer information safe from hackers.

By raising awareness, GDPR has helped the public to better understand their privacy rights and even non-EU companies have felt its presence.

Maybe the greatest accomplishment of GDPR was to create a domino effect worldwide by turning attention to data privacy rights.  Recent examples of its influence include the new California law, The California Consumer Privacy Act which was adopted on the 1st of January 2020.

As any good thing, it requires time to be perfected therefore we must continue the fight to defend our privacy rights.  It is very encouraging to see how far GDPR has progressed to date.