Has the landmark law helped build a culture of privacy in organizations and have consumers become more wary of sharing their personal data?
“Relying on the government to protect your privacy is like asking a peeping Tom to install your window blinds” – John Perry Barlow, EFF (July 1992).
Any individual who has the slightest engagement in the privacy of their personal data online will likely be sympathetic to Barlow’s quote. It’s been 2 years since the implementation of the General Data Protection Regulation (GDPR), the EU’s data protection and privacy regulation which aimed to give control to individuals over their personal data and to simplify the requirements on businesses.
Are there fewer data breaches? Are companies taking privacy and consent more seriously? Do individuals engage in the protection of their personal information more? It’s difficult to answer the question of whether GDPR has been successful as we don’t know what would have been the state of play if the data protection regulation it succeeded was still in place.
Without doubt, though, the global privacy landscape changed with GDPR. The legislation placed the privacy conversation front and center in capitals and board rooms around the world. There are now in excess of 100 countries and states with individual privacy regulations, some more strict than others, and some of them, such as Argentina, Brazil, Chile, Japan, Kenya, South Korea and California, have clearly taken GDPR as a base model for their own legislation.
The growing number of regulations around the world demonstrates both the need and the willingness of governing bodies to step in, but with the growing number a complexity is created, something years later fulfilled promise
