EU reevaluates privacy laws instituted two years ago
Over two years after its implementation, the European Commission will today submit a review of the General Data Protection Regulation Act (GDPR) to the European Parliament and the European Council.
The GDPR is the world’s most comprehensive data-privacy bill, giving wide-ranging consumer protections from the commercial use of online data as well as regulating the international transfer, storage and manipulation of that data without user consent. Organisations of all sizes must comply by the stipulations of the GDPR lest they face fines of up to 4% of their global revenues or be forced to change their data practices.
Two years in, the GDPR has shown itself to be a relatively toothless law with little enforcement and underfunded and understaffed regulators. Additionally, in the midst of a pandemic forcing governments and companies to circumvent the GDPR’s policies in order to contact-trace infections, it’s questionable how effective penalisation of future offences will be. Today’s review, originally slated to be released May 25, has been delayed so that regulators can assess how nationally-directed circumvention of GDPR to combat COVID-19 can be explained and addressed going forward. This review will try and paint the law as effective and companies as compliant, but the review will likely not go far enough to recommend more funding to regulators, higher regulatory agency staffing and greater fines for privacy infractions.
Wake up smarter with an assessment of the stories that will make headlines in the next 24 hours. Download The Daily Brief.
