In May 2018, Europe’s General Data Protection Regulation (“GDPR”) became effective, promising to ensure better protection of sensitive customer and workplace data, and impose penalties on noncompliant organizations. The business world has had 30 months to assess whether GDPR has fulfilled its promise, and according to a new survey conducted by the ZEW, a European research firm, the results are mixed at best.
The ZEW Survey
In March 2020, ZEW conducted a survey of 600 companies in the German information economy and had the following findings:
- Over half of participants have a negative view of GDPR
- Only 5% of participants had an overwhelmingly positive view of GDPR
- Over 60% of companies surveyed reported that the GDPR has made business processes more complicated, expensive and onerous, including:
a. Implementation of extensive changes in information obligations and data subject rights
b. Implementation of new concepts such as Privacy-by-Design and Privacy-by-Default
- 17% of the companies in the survey stated that they saw the GDPR as a threat to their own business activities, due to the increased costs and the slowing of innovation caused by restrictive data processing rules
- Only 20% of respondents believe that the GDPR provides legal certainty
- Only 36% of companies reported to have reviewed and optimized their processes as a result of the GDPR
It’s likely not a surprise that businesses are irritated by GDPR (and other data privacy laws as they are implemented), as most regulations curtail behavior that can often be lucrative for those companies engaged in it. What is particularly surprising is that there is still so much uncertainty around GDPR more than 30 months after its effective date, as well as the relatively small number of companies who have taken proper steps towards achieving compliance.
How Can Clym Help?
Clym provides a cost-effective, scalable and flexible platform to comply with GDPR, CCPA and other laws as they come online. Contact us today about how your company can implement Clym to help manage your data privacy regulation compliance from a global perspective.