VinciWorks has revisited our popular GDPR
GDPR received the kind of hype normally saved for a celebrity meltdown or an Avengers movie. In 2018, the eponymous EU directive, otherwise known as Regulation 2016/679, scored higher in Google search rankings than Beyoncé and Kim Kardashian. GDPR notched up over 300,000 media mentions, three times as many as Mark Zuckerberg managed. It even spawned a sub-culture of memes as EU citizens drowned under a flood of emails informing them of privacy policy updates and “click here to re-subscribe”.
On-demand webinar – GDPR Mythbusters 2019
As pointless as those activities were – consent was never the only justification to send marketing messages – it helped embed GDPR in the public consciousness in a way few other EU regulations do. And, unlike other pieces of pop culture, GDPR is something individuals can actually use to take control of their
Data protection complaints keep rising
As of 25
Those complaints have sparked 255 separate investigations so far, the vast majority based on the complaints of individuals, as opposed to those initiated by a regulator. Amongst the ongoing investigations of high profile tech companies like Facebook, WhatsApp, Google and Instagram, three fines have already been issued totalling €50,025,280. While €50 million of that is owed by Google, Germany fined a social network €20,000 for failing to secure user data and Austria fined a sports betting cafe €5,280 for unlawful video surveillance.
The activities most complained about are telemarketing, promotional emails and CCTV surveillance, hardly the standard activities of the average tech giant. This shows GDPR isn’t only about big data and bigger companies, it’s helping the average citizen take control of their data and raise the kind of concerns and complaints consumers do for any other product or service in their lives. The UK’s Information Commissioner’s Office (ICO) alone receives over 500 calls each week from individuals concerned about misuse of their data.
Many companies are playing their part in GDPR enforcement, taking their data protection obligations seriously. Over 41,000 breach notifications have been submitted to regulators since GDPR came into force. That’s around 500 data protection breaches every 72 hours – the length of time a company has to report the breach to their national regulator.
Many businesses yet to comply with GDPR
When it comes to compliance, a significant number of businesses, while a minority, still have some way to catch up. Research released by Cisco in its 2019 Data Privacy Benchmark Study revealed only 59% of businesses said they are meeting “all or most” of GDPR’s requirements. The effects of non-compliance speak for themselves. Only 37% of GDPR compliant companies suffered a data breach costing more than $500,000 in the last year, while 64% of non-compliant companies suffered such a breach.
It’s clear that the only people who don’t care about GDPR compliance are
VinciWorks to release GDPR refresher training
Staff should regularly carry out GDPR training to ensure they are continually able to respect and protect individuals’ personal data. We will soon be releasing new refresher training that will help staff maintain awareness of GDPR requirements year after year. Within the same course, users can take advanced modules related to their role. This training will include topics such as how to be a DPO, GDPR for marketing and HR and responding to subject access requests. You can register for updates on the training here.
