May 2018

One Week Later: 5 Things We Learnt from the First Few Days of GDPR

After all the hype (and a lot of anxiety for small businesses) GDPR finally came into effect on Friday 25th May – and what a few days it’s been!

The new data guidelines provide members of the public the greatest amount of privacy protection they’ve experienced in the 21st century so far, and replaces an outdated and rigid data protection law. In short, it’s a great thing for everybody even remotely concerned about who knows what about them.

There’s obviously a long road ahead – GDPR isn’t going anywhere soon – but how did the first few days fare? And what exactly have we learnt since GDPR went live? We’ve done some research and found out:

1. Not Everybody is Prepared

In the lead up to GDPR’s launch, it seemed unlikely that all small businesses would be compliant in time. In fact, with 90 days to go, 90% of small businesses still weren’t prepared. So, did they all cross the finishing line together? Well, you only have to glance at your inbox and the sustained influx of update privacy policies to know that no, not everybody was compliant in time. 

2. Not Everybody Has to Be

What might come as a surprise to those who didn’t hear is the Information Commissioner’s comments on the matter of readiness: no one in power expected every small business to be ready in time. In fact, the Commissioner reassured everybody shortly before GDPR came into effect, stating that regulators wouldn’t be making an example out of small businesses not compliant in time.

3. Giants Are Targets

With the spotlight off small businesses and frustrations still brewing since Facebook’s Cambridge Analytica scandal, it was only a matter of time before Silicon Valley’s big players saw themselves targeted by GDPR. Except, no one expected it to be on day one. Max Schrems, a prominent privacy activist, filed lawsuits against Facebook, Google, WhatsApp and Instagram totalling around $8.8billion. The crux of the lawsuit is how the internet giants gained user consent, offering them no alternative but to accept and misleading users into consenting in order to see notifications.

4. There’s Still Some Confusion

Although GDPR was announced in 2016 and the ICO was generous with resources and support, there has still been some criticism around how GDPR interacts with individual cases and different business models. That confusion has carried over into the first few days, with the Church of England notably concerned about being able to pray out loud for individuals without their consent. The confusion has now been cleared up, but there is likely to be a few more cases to iron out in the near future.

5. Marketers Are Facing a Tough Road Ahead

If public reception towards GDPR emails has been anything to go by, marketers are sure to face a rough time in the coming months as they adjust to the new reality ahead of them. As reported back in April, some marketers have even put money aside for GDPR fines - a move some might see as cynical, but with confusion abound, it’s possibly the wisest choice.

We’re only a few days into a world with GDPR looming large, and after all the build-up, it’s been a mostly smooth ride. And with understanding from regulators and more clarity being developed as we go on, GDPR might just end up being not so scary a prospect after all.

Looking for a secure, bespoke CRM solution to transform your business? Look no further! Discover Lunar CRM’s features, read up on our case studies, or get in touch to book a free demo – our team are happy to help!