One year On from GDPR but what have we learnt?

This week marks one year since the General Data Protection Regulation (GDPR) arrived on 25 May with much speculation and uncertainty. Julia Seary, partner at Roythornes Solicitors, looks at what we’ve learnt and what major scandals, if any, have come to light.
This time last year, GDPR was the hot topic of conversation as its introduction promised to impact nearly every organisation across Europe.
The regulation was introduced to strengthen personal data privacy laws in light of technological advancements and put all European organisations on an equal footing in terms of compliance requirements. In a heavily data-driven world, GDPR was an attempt to update the law in response to the volume, variety and speed of personal data production and its global circulation.
Now that the dust has settled, we can begin looking at how the regulation is really working in practice.
Overall, it appears that significant enforcement activity is minimal, but that’s not to say investigations aren’t taking place behind the scenes. There have been more than 50,000 data breach notifications across Europe since GDPR came into force and here in the UK, the Information Commissioner’s Office (ICO) have received more than 8,000 notifications of data breaches since the end of May 2018.
The largest GDPR fine issued to date has been the €50 million against Google by the French data privacy regulator for lack of transparency, inadequate information, and lack of valid consent in relation to its use of personal data for the purposes of personalising advertisements.
Remember that a maximum fine of up to €20 million or 4% of annual worldwide turnover – whichever figure is greater – can be imposed on businesses which do not conform with the updated regulation.
It appears that transparency and consent (or the alleged lack of them) remains the most popular ICO complaint, particularly relating to the level of detail that people expect to receive. We therefore advise businesses to revisit their privacy policy in order to make content as specific as possible.
The use of data subject rights is becoming another business issue; GDPR grants individuals more extensive rights regarding their personal data which has generated a culture of individuals making repeated and extensive subject access requests (i.e. requesting emails going back many years), often simply to cause annoyance, waste time and incur costs for the data controller.
Immediately following 25 May 2018, there was a surge in erasure requests as individuals sought to clean up their online privacy and security. This seems to have slowed down in recent months – perhaps due to the realisation that the right to request erasure is subject to business requirements, rather than an absolute right to have all information deleted.
Finally, the last emerging data protection trend and a potentially concerning development is the increase in class action-style litigation and so-called “data protection ambulance chasers”. Some claimant law firms are attempting to build business off the back of data breaches – even if the breach gives rise to little risk of damage.
In order to avoid business impact and interruption our advice continues to be for organisations to review and update data privacy documents, implement GDPR training, and assess all data flow and transfers. We also recommend reviewing contracts with third parties and putting a process in place to deal with DSARs, other requests and potential breach scenarios.
Source: contact-centres
Industry: Unified commuication news

Latest Jobs
-
- Microsoft Security Operations Analyst | Bracknell | SC Clearable | SC-200
- Reading
- N/A
-
Senior SOC Analyst Level 2 / 3. Microsoft Security stack | SC Clearable Location: Hybrid remote | Berkshire SC-200 Senior SOC Analyst Level 2 / 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents / escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Must have current experience working with a SOC environment Key experience must also include, but not be limited to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL).
-
- Service Architect- DACH regions
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Service Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the Service/ solutioning effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company area a global managed services business working with enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead Service/ solution design from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. You’ll Need: Experience working as a Service architect, Service Manager or Customer Success Manager R Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical grasp: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Deal Architect- DACH region
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Deal Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the solutioning/ Service effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company is a global managed services business providing solutions to enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead the deal from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. Be responsible for the service Wrap and ensuring the Service meets clients requirements You’ll Need: A back ground with IT Services Experience in a similar type of role, for example: Deal, Service, or Solution Architect in ICT outsourcing. Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical knowledge: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Pre Sales Lead- IT Services
- Germany
- Upto €100,000 plus benefits
-
As the Pre-Sales Lead (Sales Engineer/ Solution Architect) you will drive large-scale ICT managed services and outsourcing deals (from €0.5M to €20M+). You'll work directly with Business Development and clients to design high-impact solutions across Cloud (Azure, IaaS, SaaS, PaaS), EUC, Unified Comms, Security (SIEM, PAM), Networks, and Smart Workplaces. What You’ll Do: Lead the end-to-end pre-sales cycle — from RFI/RFP to contract. Design innovative, client-specific solutions with technical & commercial impact. Present at CxO level and steer proposal strategies & financial models. Collaborate closely with Portfolio, Service Desk, Field, and Digital Workplace teams. Support deal shaping with strong knowledge of ITIL, SIAM, Automation, and cost analysis. What You’ll Bring: Have strong experience in pre-sales or solution architecture. Experience with €M+ managed service deals. Deep technical expertise in modern ICT stack and enterprise IT services. Strong German (C1) and English communication skills. Certifications: ITIL v3/v4 required; SIAM, ISO20000 desirable.