GDPR, mons­ter or blessing?

12. September 2018

The GDPR has been in force for seve­ral months. For some a bureau­cra­tic mons­ter, for others an unex­pec­ted stroke of luck. So it’s time to draw a first conclusion.

The effort for the compa­nies was high, a lot of time had to be inves­ted, data protec­tion decla­ra­ti­ons had to be brought up to date, a data protec­tion offi­cer had to be appoin­ted, decla­ra­ti­ons of consent for circu­lars by e‑mail had to be obtai­ned, in short: the entire data traf­fic needed a complete revi­sion in many points in order to comply with the new regu­la­ti­ons. Fail­ure to comply would still result in fines in the milli­ons, which would mean the end for medium-sized and small compa­nies. And, of course, the dead­line for the chan­geo­ver seemed as sudden as Christ­mas. After all, the topic had been known for more than two years, but very few people took care of it.

Critics complain that the new regu­la­ti­ons regar­ding data protec­tion were not so new, but as always, the devil was in the detail. In the process, reci­pi­ents of e‑mails, for exam­ple, can enjoy a clean-up of the some­ti­mes annoy­ing mail floods. And compa­nies have often reco­gni­zed and used the oppor­tu­nity to thoroughly sift through and clean up their data silos. The feared wave of warnings has also not yet occurred.

If now the second step is taken, to feed exis­ting data into a new utiliza­tion, e.g. for the exch­ange, sale or purchase of data, the initial mons­ter could still trans­form into a data-driven blessing.