The United Kingdom data privacy watchdog reports that the number of complaints received since the EU’s General Data Protection Regulation (GDPR) took effect three months ago has almost doubled. Under GDPR, anyone who believes their personal data has been misused can file a complaint with the Information Commissioner’s Office, or ICO.
Legal Experts say GDPR is promoting greater privacy awareness, mainly because organizations have to reveal when, and often times, how they were breached. Ann Henry, a Dublin-based attorney who specializes in data protection law, says “This increase in reported data breaches and in complaints from data subjects is a trend we expect to see continuing as the public becomes increasingly aware of their rights under GDPR and the value of protecting their personal data from a privacy perspective.”
Thus far, none of the EU’s Data Protection Authorities have imposed any fines based on GDPR policy. It’s simply too soon, having been only three months since inception. At some point though, perhaps in the very near future, the tide will change.
A previous blog post by my colleague Linn Freedman, provides valuable information on GDPR requirements and guidance on what organizations can do now to comply.