Clocking in at just over a month since the GDPR enforcement date of May 25, 2018, major industry giants have been hit right out of the gate with lawsuits seeking to fine both Facebook and Google the equivalent of over $8 billion dollars each. The new GDPR regulations demand clear consent, as well as justification for the collection of any personal data collection from users, clients, and employees of any business, great or small. The onslaught of privacy activists that have jumped on these larger corporations started with industry behemoths Facebook and Google, but have now taken on Apple, Amazon, and LinkedIn as additions in an act to show that they are serious about privacy.
The GDPR allows the unique ability for non-profit organizations to make complaints on the behalf of citizens that might be affected; thus, the serious complaints from None Of Your Business (NYOB), headed by Max Schrems. The French digital rights group La Quadrature du Net, similarly had big corporations in mind, tackling Apple, Amazon, and LinkedIn in addition. The privacy-advocacy groups based in Europe claim that the big companies’ policy updates are still not in compliance with the regulations of the GDPR.
With news of the GDPR received years before it actually went into effect, along with the extensive media coverage leading up to the May 2018 date, it’s conceivable that there should be no business owner alive without some knowledge of the EU-led demand for a new approach to privacy. As reported over and over again, the GDPR effects much more than EU-based corporations and has a much greater scope than going after industry dominating corporations.
GDPR Implications for Small Business
Indeed, larger corporations spanning social networks and social engines are receiving the greatest attention with a myriad of news coverage in the short month since the GDPR has gone into effect no doubt trailing on the Cambridge Analytica scandal from earlier this year. But companies of any size, even smaller organizations, will eventually be affected by the EU regulation.
Smaller operations that offer European Union citizens a service can just as easily be targeted—with severe penalties. If we’ve learned anything from the proceedings with Facebook, Google, Amazon, Apple, LinkedIn, proportionate disciplinary measures will be more hastily felt by smaller corporations who have less capital to fight back. As a result, some small businesses that don’t have the resources to achieve the major changes in adapting privacy settings and upgrading processes to account for the new regulation are choosing instead, to shut down their European operations.
But the GDPR affects almost any company that touches the internet. Small companies that provide online goods, for example, still have to worry about the regulation, as the internet is a global medium. Another example of how this will affect small business is through those that have a regular outgoing newsletter or advertising email campaign. It’s likely that email addresses have been collected from citizens in Europe, but nearly impossible to know the locations of each and every email address you’ve acquired.
The Privacy Trend
Several articles have been circulating the internet to help companies of any size take steps to implement the GDPR since it was first announced. For businesses with limited resources and no previous preparation, the scare caused by the recent news will likely be enough to get most businesses thinking about the consequences for non-compliance. The aftermath of the mistreatment of customer data can be up to €20 million or 4 percent of a company’s global revenue.
With data protection in the spotlight brought on by big names, it has led to discussions about privacy. Many customers will be taking greater pains to make sure their data is properly protected. The threat to digital privacy is no doubt being used in the media as social warfare, recently with the attack on social innovators Facebook, Google, and many more. It’s a hot item and consumers have had overall inconsistency about the level of exposure they think is fair, but the GDPR has spurred momentum that is likely to disseminate throughout the US. We shouldn’t be surprised that in the light of these big company scandals, US privacy laws will expand.
The European standards can be viewed as a transition for what is to come—a shift in privacy standards that will become a new normal and should be considered and implemented in any organization engaged in the battle for customer data privacy. Privacy is a valuable commodity, and whether a consumer takes a special interest in protecting it or opting for the convenience of not caring, it seems as though it will be a force that continues to drive the discussion. Failure to adhere to this surfacing demand for privacy will continue to reap consequences through the GDPR, future initiatives made in its image, as well as commercial exploitation. But we can be sure that we haven’t seen the end of a fight for privacy.
For more information or to speak with Crossroads Technologies, Advisory Services Division, contact us at 1 (866) 216-4366 or engageThis email address is being protected from spambots. You need JavaScript enabled to view it..
Articles You Might Find Interesting:
7 Things Every CEO Should Know About the Cloud-Video
5 Things Every CEO Should Know About the GDPR
Is Shadow IT Infiltrating Your Business without Your Knowledge?
Your May 2018 Cybersecurity Recap-Video
Share this article: