GDPR Key Takeaways-- Cyber Chief Magazine
The single most significant and beneficial impact of GDPR, both within and outside of the U.S., has been its influence on the public, due to the strong data subject access and transparency rights it features. While the underlying concepts contained in GDPR are not new, awareness of data privacy rights has skyrocketed as a result of the unprecedented amount of press the regulation has generated since its introduction. Individuals now expect to receive the same level of transparency, data access and control rights as those contained in GDPR, and regulators around the world are facing significant pressure from their constituents to enact GDPR-like data privacy legislation in their own countries. In the U.S. specifically, the rate of newly proposed data privacy regulations is at an all-time high and is likely to culminate in the creation of the first-ever U.S. federal privacy law, which some deemed impossible just a few short years ago.
Aki Estrella, privacy advisor, Stellae Legal and Risk Advisors
Mostly, GDPR has changed how companies deal with information and the way they plan for its use. Segregating information, sending notices and training employees/departments to respond to requests from EU citizens have been the most ordinary impacts; however, as we’ve seen, a few companies haven’t quite gotten things right and are dealing with the staggering fines associated with the GDPR. I don’t see any scale-back of companies using data or selling to the EU (or the UK, which passed its own data regulation that is nearly identical).