It has now been one year since the European Union’s General Data Protection Regulation (GDPR) compliance deadline passed. While criticism of the GDPR still is voiced in certain circles, the focus of the U.S. tech giants’ corporate political activity has shifted mainly to the United States, where there is discussion of a potential federal privacy law.
Awareness-raising continues, and complaints of GDPR violations has increased compared to those under the previous law. For example, the French CNIL registered a 32.5 percent increase in complaints in 2018 over 2017. Meanwhile, the privacy profession has boomed, with an estimated 500,000 data protection officers (DPOs) (IAPP estimate), which are required for many companies under the GDPR, being registered across Europe. Many international companies have also been working to adjust their procedures to comply with the GDPR, although sometimes with varying interpretation of its provisions.
In this video, TBS Business School Law Professor Gregory Voss analyzes the first year of GDPR application.