It’s almost been a year since new GDPR regulations were launched in the EU. There are evolving changes to GDPR as well as trends around the world that could affect your global operations. Learn more about the latest changes, ensure you are in compliance with data privacy and protection regulations, and avoid fines and penalties.
Privacy by Design
The importance of privacy and data protection has increased over the past year, with more countries focused on creating privacy laws to protect their citizens. India, Australia, and even the state of California have created new legislation designed to protect consumers and privacy rights. If your global organization is not focused on privacy, now is the time to act. The principles of Privacy by Design are being proactive, being transparent, respecting user privacy, and creating end-to-end security measures that protect personal data. You can stay ahead of new regulations by adhering to strict privacy guidelines, reviewing your data privacy protections throughout the year, and upgrading where necessary.
Brexit and GDPR
As more time passes and Brexit continues to be delayed, it looks like there may be a “hard Brexit” as the UK leaves the EU. There are several factors that could affect your business in the UK and EU related to privacy and GDPR. The UK is planning to enact the exact same GDPR regulations once it leaves the EU, but the challenge for the UK is that the EU has the authority to judge the UK privacy policies and determine “adequacy”. One issue the UK might face once it leaves the EU is the use and placement of security cameras in public areas. It has been estimated that if you walk one block on a street in the UK, there could be as many as 50 security cameras recording your movements. As the EU is very protective of the privacy of its citizens and the use of their data, this has been an issue between the UK and EU, and will continue to be an issue once the UK leaves the EU. The EU could potentially not give the UK an “adequate” rating due to the use of security cameras.
Since the inception of the new requirements in May 2018, regulators have been enforcing and investigating data subject complaints and fining companies for violations. Although the EU regulators are not giving the harshest punishments available, they are fining companies for non-compliance. Google and Facebook are often in the news for GDPR-related compliance issues, but many smaller companies in the EU are also facing penalties. In Denmark, a taxi company was fined £180K for not deleting customer records and retaining phone numbers of previous clients. Uber is also under investigation for limiting drivers’ ability to calculate their own pay and not providing drivers with requested personal data.
If you are not compliant with GDPR regulations, regulators can proceed with fines and penalties against your organization. They can begin a GDPR audit, get full access to any records and company locations, and even raid your business locations with no warning. They can also order that you stop certain business activities, and give you specific timeframes in which you must comply with GDPR requirements.
Make sure your global organization is prepared for new GDPR updates, follows the required guidelines, and uses Privacy by Design best practices when creating new products or services, so that you avoid strict penalties and consequences to your global business. To learn more about Blue Marble GDPR and privacy policies, visit our Compliance Center.