It’s been six months now since the General Data Protection Regulation, otherwise known as the GDPR, rocked the online business world. How well are consumers and businesses faring under the new legislation? Let’s take a look.
privacy complaints and data breach reports are on the rise.
Since the GDPR went into effect, CNIL, the French data protection authority has reportedly received a 64% increase in the number of privacy complaints. Seemingly, the GDPR has raised consumer awareness about the importance of data protection. Organizations that care about their reputation would be well-advised to focus on compliance.
At the same time, the number of data breaches reported to the Information Commissioner’s Office has risen since GDPR came on the scene. Does that mean they're becoming more common? Not necessarily. Legal consultant Daradjeet Jagpal attributes the increase to two main causes:
- The GDPR introduced new reporting requirements.
- Some organizations have adopted a “better safe than sorry” approach, reporting even minor incidents as potential breaches.
enforcement is coming.
Although the GDPR went into effect on May 25, enforcement actions have not begun in earnest yet. The delay may have led some people to believe that the law lacks teeth. However, EU data protection supervisor Giovanni Buttarelli recently announced that enforcement efforts would begin to ramp up by the end of the year, so we'd recommend not getting too comfortable. GDPR violations connected to a data breach have already resulted in a €400,000 fine for a Portuguese hospital.
gdpr is affecting mergers and acquisitions.
GDPR compliance is a hot issue when it comes to mergers and acquisitions. In a study recently released by Merrill Corporation, "58 percent of Europe-based survey respondents indicated that they had worked on an M&A transaction that did not progress as a result of concerns associated with the GDPR." Companies that hope to be acquired should carefully review their security and data protection policies as well as ensuring that any third-party vendors with access to sensitive data are compliant.
gdpr is affecting cross-border discovery (and by extension, ediscovery).
What's an organization to do when complying with the demands of US courts places them out of compliance with the GDPR? According to Law.com, "practitioners need to anticipate and raise such issues early, together with reserving the right to assert the application of foreign law, and be aware of the preventative measures that can be taken by clients in terms of where data is stored and processed, to minimize the potential for significant exposure to their clients.”
Of course, when the data in question is multilingual, it’s vital to ensure that the language service partner responsible for translating it is well-versed in GDPR compliance and the latest data security practices.
gdpr is changing advertising.
One side effect of the GDPR is that it’s becoming challenging to track individual consumers across the web. As targeted advertising is becoming more difficult, more companies are falling back on traditional content-based advertising.
What does that mean for international businesses? One effect is that ads can no longer rely on persistence to be effective, at least not for EU customers. Instead of following them around the web, advertisers need to capture their attention while they're interested in related content.
Some people see the GDPR as a necessary counterweight to the incentives for companies to collect (and possibly misuse) consumer data. Others see it as just another burdensome regulation. Either way, one thing is clear: it's not going anywhere.
If you do business in more than one country or more than one language, you need to be compliant. Your organization also needs a language services partner that is well-versed in GDPR compliance and has the resources to support you in the event of a breach.
To find out more about how United Language Group can support all aspects of your multilingual GDPR compliance program, contact us today!