Besides its pro-user tone, GDPR is infamous because of its astronomical fines. They can reach up to 4% of the company's turnover or 20 million Euro. While some lawsuits have already been filed citing GDPR requirements, there is still no precedent for companies fined for non-compliance with the GDPR.
Unsurprisingly, the Internet giants, such as Google and Facebook, were the first to come under fire. Max Schrems, a privacy rights activist from Austria, filed several lawsuits against Facebook, Google, Instagram, and WhatsApp. The combined fines can reach $8.8 billion. The activist claims the companies coerce users into sharing personal information with an opt-in box that doesn't offer the particularized consent required under the GDPR. Both Google and Facebook refuted the accusations and defended their products, claiming a privacy-by-design approach and multiple changes made to meet the new regulation's requirements.
Meanwhile, Ticketmaster may become the first victim of the GDPR fines. The company did not report a continuous breach that leaked the personal data of over 40,000 international users from September 2017 to June 2018. Ticketmaster should have protected personal data better and reported the breach within 72 hours of discovering it. Now businesses worldwide are waiting for the ruling as it will set a precedent for GDPR adoption and implementation.
The world didn't end on May 25, 2018, but many businesses failed to use the time before the GDPR came into effect to become fully compliant. Despite unexpected adverse effects, most companies embrace the new requirements to gain the customer's trust and loyalty. How is your business handling the post-GDPR landscape?
Do you want to learn more about the requirements and fines? If so, let us know in the comment section. Please share this article on social media and don't forget to subscribe to the FreshCode blog
to be the first to learn of the latest IT news and trends.