Main goal of the GDPR was to provide for a better protection of personal data in the digital times. What many did not know is, that the seemingly new requirements have already been regulated in the preceding law, the "Bundesdatenschutzgesetz" (BDSG). Nevertheless, the GDPR caused a lot of agitation and mistrust, not least because many feared arbitrary waves of "cease-and-desist" letters with the commencement of the GDPR. So far, this has not happened. Still, the first review shows, that there is potential for improvement.

The German federal association of information, telecommunication and new media, short Bitkom, conducted a representative survey nearly 1.5 years after the commencement of the GDPR that shows, that only 67% of the companies have implemented the new standards to a geat extent. Only one quarter of those inteviewed say that they have implemented the requirements of the new regulation entirely.

It is becoming increasingly clear, that the GDPR, due to the higher documentation obligation, leads to considerable increase of expenditure. But these are not the only problems: most (especially small and medium-sized companies) are confronted with extreme legal uncertainty. 68% of the interviewed named this as the major problem. Especially in very specific topics it often difficult to figure out the right approach. This is aggravated by inadequately qualified employees and a lack of official guidance.

98% of the interviewed companies consider a rectification and facilitation of the GDPR expedient. Almost as many (95%) think, that a full implementation of the regulation is pracitically impossible.

Despite all criticism, the GDPR has brought additional attention to the topic of data protection and also positive outcome. Thus, the "right to be forgotten" offers users the possibility to delete their personal data entirely if no longer needed.

Unimpressed by the existing discontent in many companies, the EU is working on an extension of the GDPR: the "European Regulation on Privacy and Electronic Communication". It is in the draft state currently, but is expected to aim at the specific data protection concerning electronic communication. Also topics such as tracking on websites via cookies is supposed to be restricted by the new regulation. The EU Commission's first draft lead to protest and criticism, especially by large data logging corporates such as Facebook, Google or many publishing businesses. But there are also companies that criticise the EU and demand to finally find a contemporary approach to the protection of data in digital communication (source: netzpolitik.org). To find a uniform solution that satifies all parties seem more than unlikely at this point. It will probably still take several months until the EU Commission will be able to present a new draft of the regulation. If and when this could be implemented, is currently not foreseeable.

See Bitkom's representative survey: DS-GVO, ePrivacy, Brexit – Datenschutz und die Wirtschaft

For further information, please contact us:

HKS Systeme GmbH
Friedrich-List-Str. 89                            
33100 Paderborn
Germany
+49 (0)5251 529 400
pressehks-systeme.de            
www.hks-systeme.de