General Data Protection Regulation — How It Came About and Some Trivia
The General Data Protection Regulation (GDPR) is the biggest shakeup in the history of online privacy regulation in the EU. It replaces a 20-year-old European data protection regime known as the European Data Protection Directive. The 1995 law did not keep pace with the speed of technological advances and the obstacles to privacy that they present.
Therefore, the GDPR had to catch up with the new tech landscape in one big leap. The topics it addresses include the curtailment of profiling, joint liability for non-compliant third parties, parental consent, international data transfers and many more, including enhanced users' rights. The story behind that journey is an interesting one.
4+ years and 4000+ amendments
The GDPR was first proposed in January 2012. Because of its provisions and harsh requirements, the GDPR's journey was not smooth. In fact, it became the most highly disputed piece of legislation in the history of the EU. The GDPR saw more than 4000 amendments and was repeatedly referred back and forth between various European institutions. The final text was agreed on before Christmas in December 2015 and the law was adopted in April/May 2016.
Lobbying in Brussels
According to Ars Technica, in the beginning of 2016 “the so-called EU transparency register reached a staggering 9,000 entries. Which is to say that 9,000 organisations lined up to lobby the European Commission, and the European Parliament on policy and legislation. And they all mean business — at a conservative estimate, €1.5 billion (~£1.19 billion) is spent on EU lobbying each year.”
To put this figure into perspective, this amount of money translated into 7,084 meetings that government representatives had with lobbyists, of which “a whopping 75 percent of those confabs were with companies and industry representatives”. In 2015, Google had 29 meetings (the most of any company), according to a Transparency International report.
Ars Technica states that “For the last few years, data protection has been the biggest lobbying topic in Brussels.” … “We’re told Microsoft spends up to €4.5 million (£3.56 million), while Google shells out up to €3.75 million (£2.97 million) per year. In the US, Google stumped up roughly €15 million (£11.9 million) last year, while Microsoft spent more than €7.5 million (£5.9 million).”
Privacy prevailed
Despite the strong current against it, the GDPR took effect and now protects residents of EU states. One of the first things companies should look into is their privacy policies, which have to be written in simple, straightforward language. Reviewing data transfers is a must too if you use a lot of contractors. Thinking that it's their problem, or the problem of non-compliant third parties, is exactly the wrong way to look at it, since the GDPR punishes both the data controller (the entity facing the end users) and the data processor (the entity that handles data on behalf of the controller) together.
Detracker is the first online privacy firm working with startups. Email us at info@detracker.eu to find out how we can help you.