So you received all the emails with updated privacy policies, May 25th came and went, and none of us blew up— physically, at least. Yet only a few business days after, the first effects of GDPR’s enactment have become apparent. Facebook (with subsidiaries Whatsapp and Instagram) and Google already face lawsuits of up to $8.8 billion, filed as soon as GDPR went into effect on the 25th at midnight. These complaints were filed throughout the EU with Austrian, French, German, and Belgian data regulators by infamous privacy advocate Max Schrems.
What’s at Stake?
Fines of up to 20 million EUR or 4% of annual global sales can be levied for failure to meet, amongst others, the following requirements:
- a subject’s right to receive any personal data of theirs being processed
- a subject’s right to have their data deleted
- a subject’s right to have their data transferred
- the deletion of personal data once it is no longer being used for its original purpose
So what’s everyone thinking of GDPR so far? ZL Tech’s Associate General Counsel Linda Sharp gathered a panel of experts— ADP’s Global CPO Cecile Georges, CBRE’s Global Director of Privacy Shannon L. Clark, retired United States Magistrate Judge for the District of New Jersey and Senior Counsel at Dentons Ron Hedges, and BDO Director Jim Koziol— to share their thoughts on the 23rd, before GDPR came into full effect. The panel discussed unexpected challenges of GDPR and areas of compliance that have may have been overlooked. With suits already being filed, it’s imperative we cover our bases.
You, Me, and GDPR
GDPR is going to affect us all, across a wide range of job functions. I could go on and on about all the implications of GDPR the panelists discussed, but instead I’ll focus on one here. If you’d like to watch the full webinar later (and I’d highly recommend it), you can find a link at the end of my post. For now, I’ll discuss one element of GDPR that affects my life on a daily basis.
During the webinar, Jim Koziol and Shannon Clark addressed the implications of GDPR on the marketers. Shannon mentioned how, as a whole, managing and tracking consent for marketing communications had become a much larger task than she’d previously imagined. One example from Jim stood out regarding this: even something as simple as collecting business cards at a trade show changes drastically when those cards are from men and women in the EU. That being said, where does that leave marketers when sending out emails or tracking Twitter clicks? Suddenly, GDPR is more than a set of statistics or ambiguous predictions; its tangible affect can be felt across many elements of my team’s work.
If you’re interested in learning more about GDPR, whether that’s how to effectively hire a consultant or build a team, the direction experts think GDPR is headed, or even strategies for getting executive buy-in for your GDPR compliance program, check out the full GDPR webinar here.