3rd August 2018
Now that GDPR has been in force for a number of months, we thought it was time to take a look at how it’s affecting businesses. Are companies struggling to keep up? What impact have the regulations had on digital services? Are we likely to see organisations punished with large fines in the future? Here, we take a look at how businesses are coping with GDPR and what challenges they face.
Struggling to Cope with Data Requests
With the introduction of GDPR, businesses have found themselves struggling to keep up with a large increase in data requests being filed. Businesses such as Facebook, Netflix, and Marriott are reportedly overwhelmed by the incredible number of requests they’re faced with, and the administrative burden is thought to be huge. This situation is exacerbated by the concerted efforts of online privacy activists, who are creating apps and websites that make it easier to file a request. The Cambridge Analytica scandal has also thrown a serious amount of fuel on the fire and encouraged greater quantities of people to challenge big businesses’ data collection practices.
Searching for Data
Businesses are also struggling to locate and identify all the personal data that they’ve retained over the years. Customers now communicate with businesses over numerous different platforms, in many different ways, with all the data collected stored in a largely unorganised manner. All parts of a business collect customer data, meaning that the information harvested is often siloed and stored throughout the organisation in different places and ways. Retrieving this data is proving extremely expensive, both financially, and in the amount of time being dedicated to data collation.
Frantic Marketing Messages
As you’ve probably noticed, marketing departments have been hit hard by GDPR and are frantically attempting to contact their customers in an effort to update their consent agreements. Email inboxes have been flooded with messages requesting users renew their consent to be contacted, and businesses are concerned that their marketing base could be drastically reduced by new GDPR regulations.
Slim Pickings from Some Companies
Some businesses have decided to reduce their exposure to potential GDPR punishments altogether by temporarily suspending services or cutting back the products they offer. For instance, USA Today are offering European online readers a heavily edited, ad-free version of their content, while the LA Times and Chicago Tribune online experiences are now unavailable to European users.
This approach has been pursued predominately by organisations operating outside of the EU, who may not have been as prepared for the introduction of GDPR as their European counterparts. This ‘not worth the risk’ approach demonstrates just how seriously organisations are taking GDPR and its hefty financial penalties.
Loss of Important Records
A number of organisations were also forced to delete large swathes of important customer data before and after the GDPR deadline, in order to ensure that they didn’t fall foul of the regulations. The TV and movie review app, Stardust, deleted all EU-based users’ records, as did unroll.me – an email filter app. However, it is worth noting that the vast majority of organisations taking these drastic steps are smaller businesses that simply don’t have the resources to prepare for GDPR or who are unable to build new systems that comply with the regulations.
The GDPR Awareness Effect
The introduction of GDPR seems to have had an impact on public awareness of digital privacy issues. This in turn has affected those organisations that have developed a business model orientated towards personal data collection. With the implementation of GDPR, some companies have experienced drops in membership figures, as users become increasingly aware of potentially troubling privacy policies.
If you are struggling to get your head around GDPR or would like to sense-check your practices to ensure you are complaint then please speak to our expert Alec Brooks, Head of Company & Commercial on 01256 844888 or email firstname.lastname@example.org
The contents of this article are for the purposes of general awareness only. They do not purport to constitute legal or professional advice. The law may have changed since this article was published. Readers should not act on the basis of the information included and should take appropriate professional advice upon their own particular circumstances.
If you are need of professional, reliable legal advice, contact us today.
Lamb Brooks LLP
39 Winchester Street
f: 01256 330 933
© Lamb Brooks is authorised and regulated by the Solicitors Regulation Authority - SRA No 559661.
Lamb Brooks LLP (registered at Companies House OC363909) whose registered office address is: Victoria House, 39 Winchester Street, Basingstoke, Hampshire, RG21 7EQ
Website by Muze