The Pros, Cons and True Impact of GDPR One Year Later
What Have We Learned in the Past Year?
By Terence Jackson, CISO at Thycotic
GDPR went into enforcement almost one year ago on May 25, 2018. What have we learned in the past
year? What fines have we seen? Did it make a difference?
May 25, 2018 was similar in mindset and action to January 1, 2000. We all thought the world was going
to end as we knew it. It did not. What we have learned over the past year is that not much has changed.
GDPR was beneficial in that it gave individuals greater control over the use of their personal data, but
has that made them any safer overall? According to a February survey released by DLA Piper, 59,430
breaches were reported in the first 8 months of the regulation with only 91 fines. The largest being
attributed to Google by the French Data Protection Authority. Aside from the large financial losses, it
seems like a lot of work for not very much reward. This also tells us that the majority of companies are
not being fined for mishandling data.
Has this really been the magic bullet European regulators had hoped for? It may be too early to tell, but
it has forced companies globally to rethink how they collect, process and share data. Inadvertently, it has