The EU GDPR has been in force for several months in all EU countries. How has this been from your perspective?
It is too early to draw any final conclusions. It was noticeable that, although there were some companies that prepared themselves early for the start date, many companies waited until “the last minute”. They did not take a closer look at the new legislation until the spring. All in all, it has been and is very positive for me to see that the focus on data protection and IT security has increased sharply. We already had, even before the EU GDPR, data protection laws, corresponding processes and responsibilities in companies as well as in public authorities.
However, since May 2018, the topic has gained momentum again. There is a lot going on. State governance structures in the Member States were also created or expanded. It is much easier to see today who the contact persons are in the different countries. Another positive factor is that the legislation is receiving international attention. In contrast, the development of “warning lawyers” worries me. This problem can lead to difficulties, especially for small businesses.