Two years in, GDPR defined by mixed signals, unbalanced enforcement
The world’s most stringent privacy law, the European Union’s General Data Protection Regulation (GDPR), turned 2 years old on 25 May 2020. In those 24 months, the rules have put data privacy compliance on every board’s agenda and have given Big Tech notice that their activities – and revenue streams – are under review.
Yet while companies have made great efforts to comply with the regulation, many feel they still do not fully understand what it requires of them. Instead, many organisations are more acutely aware of the potential draconian punishments awaiting them if they mismanage data or fail to protect it properly.
In a detailed new article, Compliance Week takes a look at GDPR enforcement trends and efforts to standardise regulatory approaches so far and how lingering questions about compliance – as well as non-compliance – may be answered going forward.