This morning we were having coffee at our favorite coffee shop in London and the conversation veered to GDPR. One of our party was having to tell his staff over the telephone that it was still all right to use internal email even in the face of GDPR. This was a startup, and it had a basic misunderstanding about what GDPR covers. It’s probably not the only one.
And that’s the problem. Few people, outside of attorneys who specialize in cloud systems, understand what’s regulated and what is not. So they will err on the side of no more communication over the internet.
This is how ridiculous it has gotten in the UK since GDPR. This could create chaos for a few weeks or months.While in the US, we have only had to deal with GDPR tangentially (all the large companies are already in compliance and the small ones have decided to exit the European market), companies in the UK do not have that choice. GDPR is being used the way Y2K was used at the turn of the century, to strike fear into everyone and generate work for consultants.
Which is not to say that fines will not exist. In fact, Google and Facebook were hit with $8.8 in lawsuits on the first day. The suits were filed by a privacy advocate who believes that both companies coerced people into sharing private data.
In the case of Facebook, the suits have been filed against WhatsApp and Instagram in addition to the company’s primary site. The Google suit is against the Android Operating system.
But this is not the same as fines. These were filed by a single activist, not by the EU. And these suits were filed despite the fact that both companies have rolled out GDPR compliance policies. It is his view that these policies are not enough.
We have also heard people saying they were going to wait until policies sorted themselves out before continuing to do business in Europe.
For us, we are getting tons of email asking if we want to subscribe to things we long ago consigned to the “direct to trash” folder. We will now have a quick way to unsubscribe from them.