The recent introduction of GDPR, which is some of the strongest data privacy regulation ever created, has been causing a stir in many businesses.
Many people are likely to have witnessed some of the effects of it first hand, with some companies having sent messages to their customers asking for approval of their use of private data, and others adding pop up messages on their websites explaining how they use the data they collect.
This may well have wider implications for legal disputes between businesses and customers, so here are some of the effects GDPR may have in this respect.
Perhaps one of the most noteworthy consequences of GDPR being introduced is that businesses can face much harsher punishments for data breaches compared to before the regulation came into force.
Now, they can expect to face fines of up to 20 million euros or 4% of annual turnover for severe data breaches. This means that a group of customers whose data is mishandled by a business, or even stolen, stand to gain a lot more from litigation, and, by extension, businesses stand to lose a great deal more too.
Now that the responsibilities of companies have greatly increased/tightened in terms of protecting customer data, it makes sense that there could potentially be far more legal cases launched, given that there is more scope for businesses to trip up (and for customers to litigate).
As such, specialist legal firms like Withers may well be in greater demand, and could start to offer a dedicated service based around legal disputes regarding GDPR. In essence, customers are likely to have much stronger cases against the businesses they launch legal action against. That being said, much depends on how well businesses deal with GDPR in the long term, and how effective the measures they take to protect customers’ data are.
Conversely, GDPR may also lead to fewer legal disputes in the long run, given that businesses will have to be incredibly strict with their data protection measures to be compliant with regulation. Any high profile cases which lead to large companies being fined enormous sums of money may set an example for other businesses across the world, and help them to take the appropriate steps to avoid legal action in the future.
Ultimately, the main purpose of GDPR is to keep customers’ data safe in an increasingly digitalised world, and most modern businesses should be able to manage this (especially given that cyber security technology is constantly advancing).
So, whilst GDPR may well present customers much stronger legal cases against businesses that fail to comply with the rules laid down by the EU, it could well be the case that little changes in reality (provided companies take the regulations seriously).
As such, legal disputes between businesses and customers regarding data protection should still be a rarity, although only time will tell if GDPR has a significant impact on the practices and policies of businesses.