The GDPR was implemented in the European Union on 25 May 2018 with the main objective of strengthening the protection of EU citizens’ personal data, adapting to the rapid evolution of digital technology and harmonizing data protection rules across the Union. After six years, it is time to assess the impact of the Regulation, address the challenges encountered and consider its future prospects.
Strengthening the rights of European citizens in the event
The GDPR has significantly raised awareness among south africa telegram data European citizens about their data protection rights. Important rights such as the right of access, the right to data portability and the right to erasure of personal data (also known as the “right to be forgotten”) are now firmly established and are increasingly being exercised. This gives EU citizens greater control over their personal data and a better understanding of how it is processed and used.
You may also like: GDPR – What data to collect and under what conditions?Improved transparencyThe GDPR has forced companies operating in the EU to be more transparent in the processing of personal data. Data controllers must ensure that users are informed in detail about the purpose of data collection, the retention period for which the data is stored and their rights as data subjects. This allows users to greenLetter: Is this hot? better understand the processing of their personal data and make more informed decisions.
High fines for violationsOne notable feature of the GDPR is the very high fines for non-compliance. Companies that fail to comply with the rules can be fined up to €20 million or 4% of their australi data annual global turnover, whichever is higher. These harsh penalties have helped companies take data protection seriously and step up their compliance efforts. Famous cases, such as the hefty fines imposed on Google and Facebook,
show that supervisory authorities are prepared to act firmly in cases of non-compliance with the GDPR.
Complexity and costs of implementation
Many small and medium-sized businesses are struggling to cope with the
complexity of the GDPR and the resulting costs. The requirements for documentation and
proof of compliance are often difficult to meet, especially for companies that do not have the necessary resources. This has led to a certain amount
of work overload for many companies and is a barrier to full implementation of the regulation.
Application and controlAlthough the GDPR provides for severe penalties, enforcement is not always very effective. Many national data protection authorities do not have sufficient human
and financial resources to pursue all infringements in a comprehensive and consistent manner. This in turn can lead to uneven enforcement of penalties across Member States.
Long disclosure clausesA frequently mentioned problem is the endless information clauses
that companies have to insert “at every opportunity”, but which no one reads, except for data protection lawyers. Unfortunately, the supposed information function sometimes turns out to be somewhat illusory. According to some company representatives, clauses drafted in this way do not contribute to raising awareness among the persons concerned. This only changes when there is a dispute or a complaint from the person concerned.