One year On from GDPR but what have we learnt?
This week marks one year since the General Data Protection Regulation (GDPR) arrived on 25 May with much speculation and uncertainty. Julia Seary, partner at Roythornes Solicitors, looks at what we’ve learnt and what major scandals, if any, have come to light.
This time last year, GDPR was the hot topic of conversation as its introduction promised to impact nearly every organisation across Europe.
The regulation was introduced to strengthen personal data privacy laws in light of technological advancements and put all European organisations on an equal footing in terms of compliance requirements. In a heavily data-driven world, GDPR was an attempt to update the law in response to the volume, variety and speed of personal data production and its global circulation.
Now that the dust has settled, we can begin looking at how the regulation is really working in practice.
Overall, it appears that significant enforcement activity is minimal, but that’s not to say investigations aren’t taking place behind the scenes. There have been more than 50,000 data breach notifications across Europe since GDPR came into force and here in the UK, the Information Commissioner’s Office (ICO) have received more than 8,000 notifications of data breaches since the end of May 2018.
The largest GDPR fine issued to date has been the €50 million against Google by the French data privacy regulator for lack of transparency, inadequate information, and lack of valid consent in relation to its use of personal data for the purposes of personalising advertisements.
Remember that a maximum fine of up to €20 million or 4% of annual worldwide turnover – whichever figure is greater – can be imposed on businesses which do not conform with the updated regulation.
It appears that transparency and consent (or the alleged lack of them) remains the most popular ICO complaint, particularly relating to the level of detail that people expect to receive. We therefore advise businesses to revisit their privacy policy in order to make content as specific as possible.
The use of data subject rights is becoming another business issue; GDPR grants individuals more extensive rights regarding their personal data which has generated a culture of individuals making repeated and extensive subject access requests (i.e. requesting emails going back many years), often simply to cause annoyance, waste time and incur costs for the data controller.
Immediately following 25 May 2018, there was a surge in erasure requests as individuals sought to clean up their online privacy and security. This seems to have slowed down in recent months – perhaps due to the realisation that the right to request erasure is subject to business requirements, rather than an absolute right to have all information deleted.
Finally, the last emerging data protection trend and a potentially concerning development is the increase in class action-style litigation and so-called “data protection ambulance chasers”. Some claimant law firms are attempting to build business off the back of data breaches – even if the breach gives rise to little risk of damage.
In order to avoid business impact and interruption our advice continues to be for organisations to review and update data privacy documents, implement GDPR training, and assess all data flow and transfers. We also recommend reviewing contracts with third parties and putting a process in place to deal with DSARs, other requests and potential breach scenarios.
Source: contact-centres
Industry: Unified commuication news
Latest Jobs
-
- IT Cyber Security Recruitment Consultant – Hot Desk
- Beckenham
- Dependent on Experience
-
We are looking for an IT Cyber Security Recruitment Consultant – Hot Desk who has cybersecurity recruitment experience, with a track record of success. Most of the roles you will be required to recruit for will be within the salary region of £50k - £300k, experience placing candidates at this level is desirable. Responsibilities: To provide a consistent, high-quality level of service to new and current clients in order to build a long term working relationships with clients. Detailed, consultative approach to calling passive candidates in order to profile them in detail, against set criteria of skills and experience given to you by your client Achieve and exceed sales targets. Self-manage your daily tasks in order to make sure that the following day will be as successful as possible Have a structured approach with a solution selling ability as the sales cycles are not as quick.
-
- Principal Mechanical Engineer
- London
- Up to £90,000 Base + Bonus
-
Principal Mechanical Engineer Location: London Salary: Up to £90,000 Base + Bonus A Principal Mechanical Engineer is needed for a state of the art, London based Data Centre provider. The Principal Mechanical Engineer will be responsible for all of the Mechanical components (support, development/design etc.) within our clients Data Centre’s. Other responsibilities include but not limited to; Commissioning, approving, design & review/improvement of new data centre infrastructure Commercial’s (Contract negotiation, project finances etc.) Project management Training/Development of other staff General engineering tasks Requirements HND / Degree in Engineering or equivalent. Must have current/recent experience (ideally in a senior position) within a mechanical/electrical position ideally within a DC or Consultancy background Candidates must be UK based and unfortunately, our client are unable to provide sponsorship Ref: PG7608 (M&E Jobs, Mechanical & Electrical Jobs, Engineering Jobs, Data Centre Jobs, Data Center Jobs)
-
- Carrier Service Manager / Access Delivery manager
- London
- Up to £70,000 Base + 10% Bonus + Benefits
-
An Access Delivery Manager (Carrier Service Manager) is required for this Global services provider, to be responsible for vendor management across the European region and to manage the purchasing and delivery of 3rd party Access. Your key responsibility will be to conduct regular service reviews with key providers across the region, provide performance feedback, prepare & present vendor balanced scorecards, drive action plans for improvements and drive the vendor profile management strategy. Alongside the access management, you will act as the services manager to the 3rd party suppliers ensuring that the services being offered are being delivered as sold. If you are interested in this position, you will need the background from a telecoms provider where you have had experience of dealing with 3rd party suppliers, negotiating access services. It is key that you have a relationship with international carriers. Ref RA7293 (Telecoms Jobs, Telecommunications Jobs, Telecommunications Jobs in London)
-
- Cloud Sales Specialist
- London
- Up to £100,00 Base + Double OTE
-
DCL are currently working on behalf one of the fastest growing service providers in London who are on the look out for a Cloud Sales Specialist. The Cloud Sales Specialist will be responsible for selling (opening and closing new business opportunities new business) and being the SME in all things Cloud providing support to other members in the sales team. Preference will be given to the Cloud Sales Specialist who possesses Exceptional knowledge of Cloud Technology (Public / Private / Hybrid.). Proven sales experience of identifying and closing new business within the Cloud market. Must be currently selling into the enterprise market. Consistency on tenure in current and past roles. New business background is a must In return you will be working for a successful, growing SME organisation with excellent sales support from pre-sales, post-sales, project management, service management, bid management, pricing and customer service. Reference Number: BD7588 (Cloud Sales Jobs, Cloud Computing Jobs, Cloud Computing Sales)