The number of complaints that GDPR regulators are reporting has sharply increased over the past few weeks since the legislation came into effect. The greater degree of data transparency the law offers comes as a welcome change to the previous antiquated data protection laws. The duty of care now rests firmly on the shoulders of data processors and organisations to exercise more careful data management practises.
Across Europe, organisations have been endeavouring to tick the boxes for GDPR compliance, some simply for the sake of seeming to strive for compliance. However, looking as though you are merely trying may not be good enough for the stringent regulators. The time has come for data processors to answer for their shortcomings. Data has been described as ‘the new oil’, insinuating that is has become a commodity of great commercial value. With this in mind, the idea that it be treated with less prudence in its storage and management becomes equally unacceptable. A bank that safeguards money does not flippantly disregard the safety of its currency and under GDPR, organisations are no longer permitted to be so negligent with personal data.
“Data has been described as the new oil”
Consider for a moment the prospect of a large-scale bank robbery in which a large magnitude of currency was stolen, resulting in a huge backlash to the bank for not taking the correct security measures to avoid it. The customers of the bank would demand their money to be returned to them with a guarantee that this would not happen again.
Taking the concept that personal data as a commodity with intrinsic financial value, a data breach could be viewed as a kind of data bank robbery. A theft which previously would have gone without any restitution for its victims.
The GDPR has changed this lack of protection for data subjects for the better. Holding organisations that store EU citizens data accountable for the security and careful management of this salient personal information.
A large number of the complaints that EU regulators have received stands testament to the willingness of EU citizens to embrace the new data privacy laws. The organisations that carelessly allow sensitive personal data to be lost are being held to account by those they have failed, the victims of EU data crime now have a platform to voice their concerns with the backup of European regulators.
The GDPR shepherds in a new era of data privacy law that offers much greater protection for EU citizens and their data. Holding organisations responsible for the data they use. With the number of complaints being reported still steadily rising, it is only a matter of time until organisations take note and achieve full compliance by changing the way in which they process EU citizen data, for the better.