So, ‘What is the risk of ignoring GDPR legislation?’
GDPR legislation, as it applies in the UK as the Data Protection Law under the Data Protection Act 2018, is indeed that, a law. A law with the protection of data about us all at its heart and, to some extent, giving control of that data back to us. It also places some pretty serious obligations on those that collect, use, and share our data.
As a law it is of course enforceable. What is becoming apparent is, no-one knows to what extent that enforcement will actually take place.
Don’t get me wrong, across the EU we are starting to see some eye watering numbers in terms of fines and some headline cases being brought to trial. Getting it wrong, as can be seen, has some very serious consequences. If you get caught.
The checks and balances built in mean that those of us whose data it is can complain and speed this process along. It requires the legislator to pick it up, but the power is in our hands. In addition, you are seeing a rise of court cases almost along the lines of ‘where there’s blame there’s a claim’, with TV adverts encouraging people to get in touch with the promise of compensation. Attractive to the lay person, no doubt; who remembers PPI?
The reality for many though is that the risk will be low. Of course, it is the right thing to do. It is the law after all. But as it stands, mass enforcement is low, with many reported breaches going unchecked. Times are changing, and as we move to a post-BREXIT world in the UK, both the UK and the EU are coming to grips with what this means and how it applies for GDPR. For now, to addressing the question posed above, ‘What is the risk of ignoring GDPR legislation?’ Well, the risk is fines and enforcement; but that risk, in today’s world, is low.
Author: Stuart Barker
This is an opinion piece of and by Stuart Barker. You can connect with him on LinkedIn here: https://www.linkedin.com/in/stuartabarker/