7 October 2019

GDPR one year on: the positive and negative implications


The EU recently celebrated the first anniversary of the introduction of the General Data Protection Regulation (GDPR). It is widely regarded as the most important change in data privacy regulation of the last decade.

Many countries that aren’t subject to EU legislation (i.e. Norway, Switzerland, Iceland, Liechtenstein) have instead adopted regulations that are heavily influenced by GDPR.

The European Commission published an infographic detailing the compliance with and enforcement of GDPR over the past 12 months.

The European Data Protection Board has also released figures on cases and fines:

  • 55 955 871 euros in fines
  • 50 million euros was a single fine on Google
  • 281 088 total cases
  • 144 376 complaints
  • 89 271 data breach notifications
  • 47 441 other cases
  • 37.0% ongoing
  • 62.9% closed
  • 0.1% appealed


The benefits of GDPR:
Improved cybersecurity

Cisco found a clear correlation between GDPR-compliant businesses and lower rates of data breaches. By investing more in cybersecurity and data, organisations have helped to reduce their exposure to cyber threats.

Brand safety

Data breaches can have a devastating impact on the reputation of an organisation. Users and consumers value their privacy, and by being GDPR-compliant, organisations can now ensure confidence is not lost or damaged.

Loyal customers

GDPR has allowed users to spend more time on the sites they enjoy without being overwhelmed with advertisements from unknown organisations they had been subscribed to in the past. It has been suggested that users are more likely to accept the mandatory opt-in from organisations and businesses they are interested in.


The challenges GDPR has brought:
The cost of compliance

Making sure an organisation is GDPR-compliant meant ensuring policies were updated and processes were implemented. Depending on the quantity of data being processed, the cost of achieving compliance varied from hundreds to tens of thousands of pounds.

Non-compliance penalties

The penalty for non-compliance is certainly something that encouraged organisations to implement GDPR. With a potential fine of 2% of Global Annual Turnover, the cost of non-compliance would have severe consequences for a business.

While GDPR has been a thorn in many organisations’ sides, there are many benefits to being compliant, not least in helping companies be less prone to data breaches. All organisations know how damaging data breaches can be.

So any steps that can help preserve reputation should the worst happen are welcome. While the penalties for ignoring GDPR are great, the long-term risks to your business could be even greater.

Unintended consequences of new data privacy rights

GDPR can be thought of as a privacy “bill of rights.” Many of these new rights have come with unintended consequences.

If your account gets hacked, the hacker can use the right of access to get all of your data.

The right to be forgotten is in conflict with the public’s right to know a bad actor’s history (and many of them are using the right to memory-hole their misdeeds).

The right to data portability creates another attack vector for hackers to exploit.

And the right to opt out of data collection creates a free-rider problem where users who opt in subsidize the privacy of those who opt out…



The LDB Mica Research team



