312-253-4321    Get SUPPORT

Alchetec Blog

European Union’s GDPR: One Year Later

European Union’s GDPR: One Year Later

2018 will be remembered as the year where data privacy was altered forever. From Facebook’s many problems to the launch of the European Union’s General Data Protection Regulation, data privacy has never been a bigger issue than it is today. Let’s take a look at how the GDPR has affected the computing world in 2018-19 and how the past year’s events have created new considerations in individual data privacy.


Before the introduction of the GDPR, individual data privacy was largely an individual’s responsibility. To be fair, in non EU-affiliated circles, it largely still is, but the launch of the GDPR brought to light a lot of issues that people have been talking about for some time: mainly the use of their personal information for corporate financial gain. The GDPR was a response to concerns that some organizations were playing fast and loose with individual’s data that included personal information like names, addresses, email addresses, as well as medical and financial information. In profiting off the capture and sales of this information, the largest corporate tech companies created revenue off the backs of people, creating situations that were simply unfair to consumers and users of these services.

For years leading up to the ratification of the GDPR, EU member states had been legislating their own data protection laws. This trend has been roundly rejected in the United States, but with the implementation of the GDPR, corporations that see themselves as members of the global economy had strict new guidelines to meet in order to be able to use individuals’ data in the same manner as it had been. The GDPR was an amalgamation of these laws and firmly required all businesses to report certain types of personal data breaches within 72 hours to a supervisory authority mandated by EU member nations.

Not only did it give the consumer a voice in the ongoing data collection and distribution scheme, it made businesses cognizant just how important their data management is for the people they depend on. Before the GDPR was in the news, not many organizations were thinking about how a failure to protect customer, staff, and vendor information could negatively affect anyone but themselves. This has led to a wholesale change in the way businesses view data management, the training of their staff, and security investments as a whole.

One Year In

Now that the GDPR has been in place for a year, the results have been mixed. Over 59,000 personal data breaches have been identified by companies that have resulted in notifying regulators. Since sanctions for failing to comply with GDPR mandates carry fines up to €20 million, or up to 4 percent of total revenue from the previous year (whichever is larger), you are seeing a more targeted and strategic approach to keeping data secure, and reporting it quickly when a data breach does happen. To take a look at the results the GDPR had in its first eight months, download the DLA Piper GDPR data breach survey, here.

The takeaway is twofold. Firstly, the GDPR has resulted in a major improvement in data breach reporting speed. Since the mandate gives companies up to 72 hours to notify breached parties, it sets a strict deadline. You likely won’t see situations like the Yahoo! breach where they sat on the information for a year before letting anyone that was affected know they had been breached. The GDPR has also resulted in nearly doubling the amount of reported incidents, not an insignificant number.

On the other hand, fines adding up to €55,955,871 have been levied against the companies responsible for the 59,000 reported incidents, a modest amount for the first year when you consider that about 90 percent of that sum was a single fine levied against U.S. tech giant Google. A French GDPR regulator suggested that this be marked down to more of a transition year than some type of long-term ineffectiveness of the law. It remains to be seen just how effective the law with be if regulators aren’t actively enforcing it.

Effects Abroad

Many U.S. companies do business in mainland Europe and fall under the GDPR regulator's jurisdiction, but domestically, there has been a major change in the way data privacy is viewed. Over the past year, a lot has happened in the U.S. on the individual data privacy front. Not only has the GDPR lit the fire of legislators, it has major tech firm CEOs, such as Apple’s Tim Cook, calling individual data privacy a “fundamental human right”.

While Mr. Cook seems to be in the minority of American tech company leaders (as can be seen by the €50 million GDPR Google fine), it is a step in the right direction. The state of California, not long after the GDPR went into effect, passed its own sweeping (and some would say hastily thrown together) data privacy law, the California Consumer Privacy Act, to protect the residents of the Golden State. Colorado, Massachusetts, and Ohio followed suit with privacy laws shortly after California’s CPA was ratified.

This is good news for individual privacy in the U.S. It’s a far cry from only a few short years ago that resulted in some pretty damning situations for online consumers. Federal lawmakers have balked at making waves of their own in regards to data privacy, but if history is any indication, when states begin passing laws that are outside the norm, the U.S. Congress typically acts to fill the breach.

If you would like more information about the GDPR, subscribe to our blog, or call one of our knowledgeable IT professionals at 312-253-4321.

You Can Benefit from Productivity Consultations
Tip of the Week: Keyboard Shortcuts for Slack


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, July 22 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Productivity Network Security IT Services Malware Software Hosted Solutions Privacy Data Backup Email Hackers Data Outsourced IT Internet Computer Microsoft Productivity Innovation Data Recovery Business Managed IT Services Ransomware Tech Term IT Support Hardware Cloud Computing Business Continuity Mobile Devices Small Business Collaboration IT Support User Tips Backup Business Management Google Efficiency Paperless Office VoIP Communication Android Managed IT Services Remote Monitoring Phishing Windows 10 Upgrade Workplace Tips Disaster Recovery Server Save Money Internet of Things Data Management Cybersecurity Smartphones Managed Service Provider Smartphone Mobile Device Passwords Communications Browser Office 365 Encryption Managed IT Windows 10 Holiday BYOD Artificial Intelligence Quick Tips Social Media Laptops Facebook Wi-Fi Risk Management Employer-Employee Relationship Managed Service Government Compliance Document Management Windows Applications Saving Money Business Technology Recovery Help Desk Antivirus Information Healthcare Virtualization Vulnerability Network IT Management Scam Microsoft Office Vendor Management Analytics Project Management Infrastructure SaaS Training Chrome Blockchain Telephone Systems Unified Threat Management Processor File Sharing Bandwidth Automation Password BDR Tip of the week Mobile Device Management Files Robot Storage Gmail Maintenance Money Two-factor Authentication Word App Politics Apps Router Going Green Virtual Reality Work/Life Balance IT Service Regulations VPN Customer Relationship Management Data Storage Firewall Website Data loss Miscellaneous Tablet Data Security Bring Your Own Device Wireless Hosted Solution Office Upgrades Uninterrupted Power Supply Software as a Service Computers Mobility How To Samsung Remote Workers Assessment Operating System Patch Management Chromebook Display How To Settings Consultation Twitter Unified Communications Health Redundancy Social Management Smart Technology Machine Learning Monitors Network Management The Internet of Things Remote Computing Net Neutrality Server Management Electronic Medical Records HIPAA Gadgets Downtime Digital Payment Big Data Identity Theft Networking Internet Exlporer Access Control Flexibility Users IoT Licensing Cooperation Proactive Virtual Private Network Computing Customer Service Printing Employees Alert Mobile Security Company Culture Outlook Remote Monitoring and Management RMM Windows 7 Hotspot Recycling Cybercrime Wires Zero-Day Threat Shortcut Black Friday Motherboard Point of Sale Professional Services Avoiding Downtime Techology Instant Messaging Manufacturing Bluetooth Downloads Employer/Employee Relationships Migration Development GPS YouTube Security Cameras Lenovo Black Market Fraud Utility Computing Unified Threat Management Computer Repair Crowdsourcing Operations Managing Stress Unsupported Software WPA3 Address Dark Web Screen Reader Google Maps Transportation Heating/Cooling Notifications Language eWaste 3D Printing Travel Backup and Disaster Recovery Technology Tips Bitcoin Cyber Monday Botnet Mobile Computing Supercomputer E-Commerce Virtual Assistant Time Management Disaster Resistance Content Filtering History Finance Hard Disk Drives Multi-Factor Security Proactive Maintenance Sports Chatbots Augmented Reality Cables Dark Data Tracking Remote Worker Superfish Physical Security Servers User Error Wireless Technology Wearable Technology 5G Enterprise Content Management Mobile Data Corporate Profile Fleet Tracking Tech Terms Business Growth Data Warehousing Tech Support Smart Tech Social Engineering Bookmarks Computing Infrastructure Safety Solid State Drive Human Error Mouse Current Events IBM IT Budget Features Wasting Time Proactive IT G Suite Cabling Authentication Hacking Google Calendar Database Management Telephony Identity Digital Monitoring ROI Hacker Cost Management Favorites Teamwork Printer Solid State Drives Vulnerabilities Computer Care WannaCry Asset Tracking Theft Microsoft Excel Automobile Connectivity Search Alerts Enterprise Resource Planning Taxes Hard Disk Drive MSP Permission Comparison Projects Emoji Distributed Denial of Service Modem Electronic Health Records Database Touchscreen IT Consulting Authorization Trending Legislation GDPR Network Congestion Spyware Consulting Notes IT Solutions Processors Hard Drive Conferencing Shared resources Websites Options Legal Law Enforcement IT Technicians Geography Humor OneNote Financial USB Personal Information Mobile Cortana Test Specifications Return on Investment Managed IT Service Private Cloud Cookies End of Support Cyberattacks Voice over Internet Protocol Data Breach Disaster Update Social Networking Education Managed Services Provider PowerPoint Google Drive Cache Software Tips Meetings OneDrive Statistics SharePoint Wireless Internet Gadget Mirgation High-Speed Internet Office Tips WiFi VoIP Employee-Employer Relationship Procurement Firefox Permissions Star Wars Virus Staff Mail Merge Break Fix Spam Nanotechnology Apple Read Only Technology Laws Hiring/Firing Public Speaking Presentation Information Technology Public Cloud Fun Printers Lithium-ion battery Students Cleaning Hacks Motion Sickness Regulation Hard Drives Marketing Budget Competition Relocation IP Address Staffing Emergency Sync IT Consultant CrashOverride Mobile Office Mobile Device Managment Domains Error Administrator