WS 2: GDPR implementation – Blind spots, opportunities, and the way forward
¶ 1 Leave a comment on paragraph 1 0 Ana Maria Correa
- ¶ 2 Leave a comment on paragraph 2 0
- The GDPR came to harmonise data protection in the EU and enforce privacy rights. Businesses recognise its importance in our current data driven economy, but there is still some legal uncertainty around it. A standard interpretation of the GDPR should be suitable for companies’ activities. More guidance is also required from data protection authorities.
- ¶ 3 Leave a comment on paragraph 3 0
- The GDPR involves multiple stakeholders and should take into consideration vulnerable groups, such as university and school students, patients, and refugees. Even if the GDPR represents a global standard on privacy, it is not enough to address the excessive collection of data. Citizens should be offered minimum training at schools, universities, and hospitals to understand the impact of the collection of personal data.
- ¶ 4 Leave a comment on paragraph 4 0
- In terms of impact, the GDPR makes people more aware of privacy rights. There is a major compliance effort with more than 500 000 data protection officers in Europe that aim to guarantee privacy. However, more transparency about its application and remedies is required. Codes of conduct could be a solution for clarifying the purposes and application of the regulation.
It would be great to see a sentence or two, perhaps in the last paragraph, recognising that a potential pitfall/blind spot of GDPR is harming smaller companies that cannot afford to pay large fines relative to their annual revenue in contrast to larger companies that can absorb the cost of non-compliance and has the resources to (potentially) provide a remedy.