SIINDA LOCALCOMM 2017 was a great opportunity to present some pressing GDPR issues to the Search & Information Industry Community. I was honoured to participate in the conference ePrivacy panel.
Following a lively discussion on the EU ePrivacy Regulation Proposal, I used SIINDA LOCALCOMM 2017 London conference to highlight some of those GDPR-relates issues that will significantly affect European data-driven businesses as of May 2018:
Time is running out: On 25th May 2018 businesses already need to be in full compliance with the GDPR provisions, so adaptation activities need to start much earlier, depending on the size of the firm and the complexity of its data processing operations.
GDPR is a game changer in privacy regulation: From appointing a Data Protection Officer and performing Impact Assessment, to making use of pseudonymisation, the GDPR takes data protection to a strategic level, introducing a mix of threats and opportunities that need to be taken seriously.
Will regulators be reluctant to impose 4% worldwide annual turnover fines? That is likely to be the case. But can businesses justify taking that type of risk? The threat of paying a fine will co-exist with the existing threat of reputation damage.
Will Brexit affect the application of the GDPR in the UK? The GDPR will apply in the UK at least until March 2019. After that date, even if an alternative UK data protection act is rushed through the Parliament rapidly, only the same level of protection as the GDPR will ensure free movement of data with the EU for UK businesses. Accordingly, a very similar regime is expected for the UK after Brexit.