We’ve all heard about GDPR and what it was set out to do but do we really know its actual impact on the affected areas? Probably not, is the answer which is why we are going to find out.
The lead-up to the effective date of the GDPR led to many companies and websites changing their privacy policies and features worldwide in order to comply with its requirements, and providing email and on-site notification of the changes, despite having had at least two years to prepare and do so. This has been criticized for eventually leading to a form of fatigue among end-users over the excessive numbers of messages. Experts also noted that some reminder emails incorrectly asserted that new consent for data processing had to be obtained for when the GDPR took effect, even though any previously-obtained consent to processing is valid as long as it is properly documented and meets the requirements of the GDPR. Unfortunately the GDPR also meant access to many websites outside of Europe was blocked due to the owners and operators not wanting to comply with the new regulation. Phishing scams also emerged using falsified versions of such emails, and it was also argued that some GDPR notice emails may have actually been sent in violation of anti-spam laws. Mass adoption of GDPR privacy standards by international companies have been cited as an example of the “Brussels effect”, a phenomenon wherein European laws and regulations are used as a global baseline due to their gravitas.
Hopefully the effect of GDPR is now a little bit clearer!