Privacy experts tend to regard the GDPR as the trend-setter and gold standard of privacy laws worldwide. The law has proven to be robust, far-reaching, and remarkably influential. Multiple recently passed privacy regulations drew inspiration from it. But four years after taking effect, is the GDPR now beginning to fail, as WIRED speculates?
Short answer: No, it’s not likely.
Many criticisms of the GDPR center around the amount of time enforcement takes. The GDPR took effect on May 25, 2018, and many complaints about alleged privacy violations were filed the very same day. Many were filed by the aptly named European privacy watchdog group NOYB (None of Your Business). As of today, the majority of those complaints remain unresolved. Plenty of similar still-in-progress cases could also be cited. But is this enforcement delay the fault of the law itself?
Helen Dixon, the Data Protection Commissioner for Ireland, says no. “If everything comes at you at the same time, clearly there’s going to be a lag in terms of prioritizing and dealing sequentially with the issues while standing up what is a very significant legal framework,” she explains. She also points to successful instances of GDPR enforcement, such as the record-setting Amazon fine. Dixon believes the problem lies not with the existence of the GDPR itself, but with the sheer number of cases to investigate.
And no one can deny the impact the GDPR has had. Its mere existence has forced companies to think twice about their approach to data privacy and has, according to privacy expert Carl Gottlieb, prevented a long list of invasive practices from ever happening. Recently passed privacy laws would not be as robust as they are, or wouldn’t exist at all, without the GDPR’s influence. Consumers would be left in the dark about how much of their data was being quietly collected and sold. The GDPR has changed many things for the better. It’s also brought many privacy issues into the public eye, especially as the pandemic forced an increase in online communication and remote working. An increase in data collection naturally followed, and received much more attention than it would have otherwise.
Right now, it seems that the problem lies not with the GDPR itself, but rather with working out the kinks with how it is enforced and moving methodically through the sheer number of cases authorities have to contend with. Proposing a solution is far beyond the scope of this article. For now, we feel confident saying that the GDPR isn’t going anywhere. The law stands strong despite enforcement delays.
But don’t let enforcement delays lull you into a false sense of security about your own business practices. Authorities have still fined many companies for even slight violations. To avoid the same penalty yourself, you need to keep track of the GDPR’s every detail and every change. And what better way to do that than by automating the process with 4Comply, our flagship privacy compliance software? Get in touch with us today to learn more.