GDPR At 2: How To Look At Two Years Of The GDPR Regime?

On May 25, 2018, the EU General Data Protection Regulation (GDPR) came into effect. Undoubtedly, this is the most talked-about legislation that created an unprecedented buzz. Everyone from consulting firms to corporates to individuals was talking about it. And, if you were unaware, you were informed through the most unusual of the sources. I recall that my son came from school and told me that he had an information session about GDPR. Not only that, the swimming pool he went to, for years, was also now telling us what they do with his and our data.

Now, we are in May 2020. Two years have passed. So, it is time to have a perspective on:

1. Why was the GDPR such a big thing? Essentially, what was different that made it one of the most talked-about laws? And, why this change was necessitated.
2. What are the positives? That is, what are the welcome changes we have observed in the last two years?
3. What are the challenges that remain? That is, what have been the open questions that have made experts and companies spend time, and money on.
4. What about enforcement? That is how has the enforcement actions have been. As there was a lot of talk about the severity of GDPR fines, it is key to take this monster head-on and review what happened, what did not happen, and why?
5. The conclusions and way forward. By this, I mean synthesizing everything and making a synopsis of everything while looking forward to what can be expected. Yes, predicting the future is a risky exercise but it is exhilarating. So, I will do it.??

Now, providing a complete perspective on each of the above means, a very long article. And, I do not want to do that. I am sure you also do not want to read a long article. So, I chose to cover each of the above in a series of articles in the coming weeks, likely months.

While this is done, I seek your collaboration, your opinion, and your ideas so that the end outcome is a collective assembly of thoughts. So, come along and contribute. Or, read and enjoy. Either way, I am looking forward to you being part of this journey.

Punit Bhatia is a privacy consultant who is an author of multiple books on GDPR, privacy and sourcing speaker at global events, advisor on privacy matters, and the host of The FIT4PRIVACY Podcast. Punit helps business and privacy leaders in identifying the strategic priorities for privacy compliance and managing the execution in a simple and structured manner. Punit is known to use simple business language while avoiding legal jargon. Punit is a certified Fellow in Information Privacy (FIP), CIPM, CIPP-E, and COP.

Follow YouTube, Facebook, Twitter, Instagram, Podcast, iTunes, Spotify

Did You Know? Punit's book "Be Ready For GDPR" is ranked as #1 and the book "Intro to GDPR" is ranked as #9 in the list "25 Best GDPR eBooks of All Time" published by BookAuthority.com.

The FIT4PRIVACY Podcast - A Podcast For Those Who Care About Privacy is available on iTunes, Spotify, Stitcher and many other platforms.