After all, since then, for the first time, there has been a risk of high fines for violations

Sources used: dpa news agency

Berlin (dpa) – Europe has been living according to new data protection rules for a year. The General Data Protection Regulation GDPR, which became mandatory in the EU on May 25, 2018, caused a lot of discussion – and even today not all questions have been clarified.

Last-minute gifts: These are the order deadlines on Amazon Exclusive: Surprising shopping trends on Ebay in 2020 "hello123", "I love you" …: These are the most popular passwords in the German Tips for Protection: Security experts warn against PayPal fraud

But: "The great excitement has subsided", stated the lawyer and data protection expert Vera Jungkind from the law firm Hengeler Mueller. Before the cut-off date last May, there was a downright apocalyptic mood. "However, many companies and organizations then noticed that the world kept turning."

In the meantime, companies are working better and more focused on their data protection settings and are also tackling long-term goals, says Jungkind. "Actionism is over." As of the reporting date, the ordinance caused panic in many companies despite a two-year lead time. After all, since then, for the first time, there has been a risk of high fines for violations.

Digital

These discount campaigns on the Internet beckon – but be careful!

Excitement among German customers: fraudsters steal points

Proceedings against Apple for distortion of competition

Is the solution to a drug hidden here?

Blinder sings hit from pop star – singer reacts

Samsung makes an embarrassing glitch

Tips from the security expert: How to protect yourself against spam mail

Aldi attracts mobile phone customers with cheap tariffs

App brings Berlin Wall to life

WhatsApp brings new functionality

Heidi Klum is Germany’s most dangerous Google celebrity

"Fortnite": That’s what the game hype is all about

The cellular network is really that bad

For Viviane Reding, former EU Commissioner and pioneer of the GDPR, this reaction was incomprehensible. "One thing I would do differently today"said Reding. "I would no longer give market participants a two-year transition period." If panic breaks out shortly before it comes into force, that means: "Nothing happened for two years." Governments and companies would have two years "in deep sleep" located. "Then panic immediately, but also data protection immediately."

Many fears have not been confirmed, but there are plenty of complaints that the data protection authorities receive. While there were an average of 400 complaints and inquiries per month in 2017, the number soared to around 1370 between June and December 2018, more than three times as much, as the activity report of the Federal Data Protection Officer Ulrich Kelber shows.community service essay thesis

The supervisory authorities are also keeping the implementation busy. Still, Kelber believes the GDPR is one "Turning point in data protection". A feared wave of warnings failed to materialize, too "striking false reports" would not have come true. Photographs should continue to be made and names attached to doorbell signs, emphasized Kelber.

The provider of IT security solutions FireEye has also noted an increase in reports of violations. In any case, the GDPR has provided more transparency in companies and organizations, the company sums up its experience. The documentation requirement also forces them to deal more intensively with their own handling of data.

"The awareness of data protection is higher on all sides"says Achim Berg, President of Bitkom. The digital association is more likely to pull one "mixed record". Large international platform providers now benefit from the uniform legal framework, says Berg. In contrast, German medium-sized and small companies continued to struggle with implementation. "The problem is still that the GDPR does not differentiate between an allotment association and a large corporation."

The implementation of the regulation in the company is not a question of size, but rather of maturity, estimates lawyer Jungkind. "Data protection is not new." Whether international companies or non-profit organizations – many would only have "up a shovel" have to. On the other hand, there were problems with the implementation in companies whose IT organization could not keep pace after many acquisitions, for example, or who operate outdated systems in which the data cannot be deleted or separated.

For companies of all sizes, the GDPR continues to mean "a high level of implementation effort, and there are still many legal uncertainties"said Berg. The Federal Association of the Digital Economy (BVDW) even determined noticeable negative effects in a survey among its members. 39 percent of the digital experts in the 237 member companies expected a drop in sales. According to this, 32 percent have restricted their digital activities. BVDW Vice President Thomas Duhr cites the reasons for this "massive legal uncertainty" out.

The Federation of German Industries BDI praises the GDPR as an important cornerstone for a common market in the EU, but also emphasizes that the regulation is expensive for companies. It has what it takes to develop into a global standard, says Iris Plöger, member of the BDI management board. But the BDI is also calling for more legal certainty.

And: "Data protection in the EU must not become a disadvantage in terms of location"Plöger demands. So far, data protection and technologies such as artificial intelligence have stood out "diametrically opposed". When it comes to the anonymization of data, for example, more freedom is needed so that the development of artificial intelligence does not migrate.

Overall, the General Data Protection Regulation has permanently changed the economy and increased awareness of data protection on all sides. "In the end, it is about finding the right balance between data protection on the one hand and innovative, data-based applications on the other"said Berg.

Meanwhile, the effects of the GDPR are already reaching far beyond the borders of Europe. In Japan and California, too, the ordinance was followed positively and with interest, emphasizes the top data protection officer, Kelber. Even Facebook boss Mark Zuckerberg, who is under constant fire when it comes to data protection, has words of praise left, although complaints about Facebook’s messenger service WhatsApp and non-European mail providers concern the supervisory authorities most often.

The first big penalty based on the GDPR hit Google. In January, the French data protection authority CNIL found violations of the General Data Protection Regulation and ordered the group to pay around 50 million euros. Google has appealed. The GDPR must first prove itself, said Ingo Dachwitz von "netzpolitik.org" recently at the internet conference re: publica. Let it be the first great punishment – "let’s see if they get through".

When the General Data Protection Regulation (GDPR) took effect a year ago, there was great excitement. But that also has its good points, as is now being shown: The citizens know their rights and are not afraid to demand them. 

Beware of these phishing emails in May

Photo series with 10 pictures

One year after the introduction of the new EU data protection rules, two out of three EU citizens (67 percent) have heard of the General Data Protection Regulation. Almost as many (57 percent) know that there is an authority in their country that is responsible for the protection of their personal data. Compared to 2015, this is an increase of 20 percentage points, as the EU Commission announced on Wednesday, citing a Eurobarometer survey. "People are becoming more and more aware – and that’s encouraging", it said in a joint statement by EU Justice Commissioner Vera Jourová and Commissioner responsible for the digital single market Andrus Ansip.

Change data protection settings in Windows 10

Photo series with 11 pictures

Meanwhile, companies and associations continue to reiterate their points of criticism. The Federal Association of the Digital Economy (BVDW) published the results of a current member survey on Wednesday. Accordingly, the negative effects of the GDPR are clearly noticeable for companies. 39 percent of the digital experts in the 237 member companies expected a drop in sales. According to this, 32 percent have restricted their digital activities. BVDW Vice President Thomas Duhr cites the reasons for this "massive legal uncertainty" out. The digital association Bitkom recently emphasized that small and medium-sized companies in particular would have to struggle with the implementation.

Companies become "Spring cleaning" forced

Many companies now have their homework "some kind of spring cleaning" made, however, emphasized Tine Larsen, head of the data protection authority in Luxembourg. "It surprises me when companies complain now, because data protection and data security were not only created with the GDPR." The principles are the same as before. "Actually, the companies should have taken care of it many years ago."

The GDPR has been in effect in the EU since May 25, 2018 after a two-year transition period. In essence, the processing of personal data is regulated by companies, organizations or associations. This should give users back sovereignty over their data. Consumers have about one "Right to be forgotten". Data that is no longer required for the original purpose of storage must be deleted. There is also the right to information. Companies and organizations must provide stored data on request.

"Nothing happened for two years."

As of the reporting date last year, there was often talk of panic among companies. After all, since then, for the first time, there has been a risk of high fines for violations. "One thing I would do differently today"Former EU Commissioner Viviane Reding, who presented the first EU Commission draft for the new regulation in 2012, said on Wednesday. "I would no longer give market participants a two-year transition period." If panic broke out shortly before it came into force, that would mean: "Nothing happened for two years." Governments and companies would have two years "in deep sleep" located. "Then panic immediately, but also data protection immediately."

GDPR balance sheet of the authorities: Citizens complain about this most often Data protection as an ongoing task: GDPR keeps companies and authorities on their toesDespite GDPR: Germans remain suspicious of data protection Uncertainty among companies: GDPR causes consultancy boom

According to preliminary figures, more than 144,000 complaints have been received by the national data protection authorities last year. Most related to phone sales attempts, promotional emails, or video surveillance. The data protection authorities have initiated almost 450 cross-border investigations. "The main goal of the rules has been to give people more power and help them gain control over their personal information. It’s already happening now", said Jourová and Ansip. In addition, the GDPR has become the worldwide reference in terms of data protection.

Sources used: dpa news agency

In the first year of the General Data Protection Regulation (GDPR), citizens complained about almost 150,000 alleged cases of abuse. However, a violation is rarely punished. 

Beware of these phishing emails in May

Photo series with 10 pictures

Since the General Data Protection Regulation (GDPR) came into force across the EU in May of last year, the responsible authorities have received almost 150,000 complaints about violations of the new data protection standard. Most of the complaints concern advertising calls or e-mails and the installation of video surveillance systems, the EU Commission said in Brussels on Wednesday. Fines were therefore imposed in far fewer cases.

The Internet giant Google was sentenced to by far the highest penalty in France: The US company is supposed to pay 50 million euros for the non-transparent use of user data, among other things for advertising purposes. Theoretically, data protection authorities can impose fines of up to four percent of the company’s annual turnover based on the GDPR.

Change data protection settings in Windows 10

Photo series with 11 pictures

In Germany, for example, the social network Knuddels.de was fined 20,000 euros because it had not sufficiently secured the data of its users. In Austria, a sports betting office is said to pay a fine of 5,000 euros for unlawful video surveillance. In Malta, a regional authority had not sufficiently fulfilled its duty to protect the data of its citizens and is therefore expected to pay 5,000 euros.

"People’s awareness is increasing"

The EU Commission generally rates the fact that the subject of data protection has gained attention through the GDPR as a success: "People’s awareness is increasing", said Vice-Commissioner Andrus Ansip and Justice Commissioner Vera Jourova. Almost six out of ten people now know that there is a data protection authority in their country. In 2015, only four out of ten citizens were aware of this.

As an EU regulation, the GDPR has been in force across the EU since May 25, 2018 and did not first have to be legally implemented at national level. However, it is up to the national authorities to apply the provisions. "Our main priority for the coming months is to ensure proper and equal implementation in the Member States", announced the representatives of the Brussels authority.

"The principles of the General Data Protection Regulation also have an impact beyond Europe", added Ansip and Jourova. In Chile, Japan, Brazil, South Korea, Argentina and Kenya, for example, new data protection regulations are currently being worked on.