Skip to main content
close search
site logo
Dive Brief

No company wants to become the 'guinea pig' of GDPR

Published June 6, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter

Dive Brief:

  • GDPR led to "three levels of denial" from companies, including avoiding compliance, rebranding policies or playing the "wait and see" game, said Sara Jodka, counsel at Dickinson Wright for data privacy and cybersecurity, in an interview with CIO Dive.

  • Because "every company is a different animal," the learning curve surrounding GDPR varies, along with any perceived impact of violations, according to Jodka. But failure to at least procure a registered agent to process complaints or serve as a point of contact for EU customers could put companies in the "crosshairs" of regulators.

  • For some companies that failed to comply by May 25, instead of taking a chance with incomplete compliance, they are intentionally bowing out of EU service until all requirements are met. These companies are effectively taking a "responsible" hiatus from providing to EU customers even if it costs them time and money, said Jodka.

Dive Insight:

Jodka has experienced firsthand some of the opposition U.S. companies have to GDPR. Organizations have accused the regulation of "just scaring U.S. companies," while others are hardline on the belief that a European regulation cannot be enforced in the U.S.

Some companies expressing resistance in a less defensive way have turned to the facade of rebranding externally facing protocols without the internal functions in place to reinforce them. 

Simply announcing changes in cookie policies, terms of use, vendor agreements or data protection agreements could lead a company into trouble. For example, if an EU customer were to submit a data request and a company was unable to complete the process, GDPR enforcement agencies could target the company with violation fines.

But rebranding is often a part of the "wait and see" practice some companies are embracing under GDPR. Companies adopting this approach are waiting to see the ramifications of a similar-sized "guinea pig" facing GDPR violations.

Trying to work around regulations is not something any company can afford long term, particularly in the face of steep fines. Taking the necessary time and steps to assure full compliance is like "making sure your product is right" instead of "having to recall it because it didn't work," said Jodka.

Filed Under: Leadership

Editors' picks

Company Announcements

View all | Post a press release
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
Editors' picks
Latest in Leadership
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell