When the General Data Protection Regulation (GDPR) came into effect in May 2018, most people assumed that there would be an instant change. However, like many new and far-reaching rules, the effects of this regulation are not quite apparent. So, if you’re worried about GDPR in 2019, here are some things that are likely to happen throughout the year.
GDPR 2019: Compliance will Become more Uniform
Businesses from a variety of sectors struggled to get ready for the deadline in May 2018. Now, research shows that the majority of organisations are still struggling to comply with a critical part of it – specifically, the one where consumers can request copies of the data that companies have about them.
After GDPR began to take effect, a study showed that most businesses failed to meet that request within the required one-month timeframe. What’s more, analysts have also weighed in to confirm that businesses mustn’t just focus on the fines they could receive, but how GDPR could drive an increase of customer trust and overall business growth. So, 2019 could be the year that companies get more uniform with GDPR compliance across industries, positively affecting customer perspectives.
Also, the number of complaints related to GDPR about the lack of compliance has significantly increased in many countries. Some affected entities merely received a warning. Once they did comply, regulators considered the issues handled. However, if businesses fail to show that they are in line with GDPR, they should not expect such leniency.
There are 7 key components of GDPR. However, each one specifies what businesses should and shouldn’t do in order to achieve the goal. As such, it is likely that GDPR will impact ethics as companies engage in data governance and data mapping to make themselves more aware of data usage, data storage and other essentials.
What’s more, data scientists must treat information differently than they did before GDPR came into play. Unless identifying more information is essential to the data’s worth, those who analyse that information must first make it anonymous. This is just one example of how GDPR will have both broad and specific effects on data ethics as of 2019.
Companies must prepare for other Privacy Laws
Some people have spoken about GDPR as if it were the lone development in privacy regulations. However, there are others that businesses must soon comply with. The California Consumer Privacy Act of 2018 (CCPA) differs from GDPR in many ways. This will go into effect on the first day of 2020.
For one, customers must set up dedicated channels for customers to use when they request information regarding what data businesses have about them. Plus, the data detection guidelines for CCPA and GDPR are not the same.
What’s more, the EU will soon update its ePrivacy Regulation, which deals, in part with consent for cookie use. However, the latest version will also address how electronic communications are treated. The current rules only apply to telecommunications providers. This means that companies behind apps such as WhatsApp and Messenger were in the clear. However, proposed changes to the rules would mean that the regulation will apply to
Internet-based voice and messaging apps.
Regulators will Begin to rule more Confidently on Specific Factors
One of the likely reasons for the uneven issuing of GDPR fines across countries, as well as the slow process that comes with it, is that those who make legal decisions do not have legal precedents to guide their actions. However, this year, people should expect regulators to become more concise in their interpretations of the law.
The Risk of Data Breaches could Increase GDPR is designed to keep consumers data safer, but could it make the risk of company-wide data breaches increase?
Almost a quarter of businesses who took part in a poll relating to this topic believe that it could. They make a note about how the need for compliance creates an internal distraction, using resources that may otherwise be devoted solely to cybersecurity. Those who took part in the survey felt that the risk of breached may already be higher than it was before GDPR came into play.
Join us for ESRM UK
Join Whitehall Media’s biannual ESRM conference where we bring together hundreds of Infosec, cybersecurity and risk management professionals under one roof to discuss the latest state of the art technologies and trends in the security space.