Have the lessons of GDPR already been forgotten?

25 October 2018

The GDPR has been live for just over five months (at the point of writing this), and in the buildup to its launch you could be forgiven in thinking the apocalypse was nearing. The rumour mill was buzzing with myths of what will and won’t be allowed under the new regulation and many businesses were panicking over the prospect. However, May 25th came and went and for the most of us the world didn’t end. Despite the scaremongering from the more sensational of us at our local networking events, business practices didn’t collapse, business cards are still freely given out, and in many ways it has been business as usual. If you were prepared for the GDPR it wasn’t something to be scared of.

You probably remember the May 24th as the day of the spam! Suddenly every business that you had ever given your details to sent emails on mass begging for your permission to retain your details. Some campaigns had titles like “don’t let this be the end” and “are we breaking up”, leaving us all feeling slightly uncomfortable. Once the GDPR kicked in we were all hoping the madness would stop, but sadly it seems it was just delayed.

From my personal perspective it seems that the GDPR is a distant memory for some businesses, as the spam train is back in full swing. I still receive scam mail and scam calls but to be honest I expected that. After all, such scammers collect data illegally anyway so further regulations were unlikely to stop that. However, I have started to receive junk emails from legitimate businesses I don’t know how they have my details without me realising. It seems old ways are hard to break.

There have been several cases of major GDPR blunders since the regulations came into affect. One of the biggest is probably British Airways asking customers to post their personal details on Twitter to comply with GDPR (read further here), which was a bit of a shock. Many businesses are still getting to grips with the GDPR, but such a misunderstanding is hard to justify. This problem of understanding is  huge issue for many businesses.

Admittedly the GDPR is still very flesh but it seems there are many businesses are viewing it as a storm that has now passed over. Unfortunately for them this is far from the case. The ICO have released their first figures of data breach reports they’ve received and the jump is staggering. According to one report the ICO received 1,792 reports in June, compared to just 367 reports in April this year. That dramatic increase should make businesses sit up and pay attention.

Ultimately when it comes to data protection it seems there is a defeated attitude towards it. Some people think it might be too late. In a way I can understand this mindset. After all one of the issues of the internet age is that once something is out there it’s very difficult to undo it. Our data is already out there so it’s ripe for abuse. However, this attitude shouldn’t make us blasé towards data protection. With the GDPR businesses can’t afford to be blasé. Ignorance is no longer an excuse.

Don’t be lulled that GDPR is over! Many businesses are still not compliant with the GDPR and some aren’t even in the process of sorting procedures to meet the new standards. If your business is in this position you may be playing with fire. There are many steps you can take and the task isn’t as daunting as you may think, provided you talk to the right people. If you’re interested in finding out more or chatting further please get in touch!

Enjoy what you just read?

Sign up to our newsletter and never miss our latest content!


* indicates required

Want to work with us?