Two years later, Europe’s General Data Protection Regulation has struggled with a lack of enforcement, not enough funding, limited staff resources, and stalling tactics by tech companies.
Privacy groups and smaller tech companies complain that companies like Facebook and Google are avoiding tough oversight. At the same time, the public’s experience with the G.D.P.R. has been a frustrating number of pop-up consent windows to click through when visiting a website.
I expected a lot more out of it as well. Sounds like the government needs to take it more seriously.
Check It Out: GDPR Hasn’t Been as Aggressive as Critics Would Like
GDPR is a penalty framework for battering large companies who lose lots of data – the purpose is to make all organisations improve their data handling processes and to stop the selling of personal data collected say by a health company to say an insurance company – The EU ‘Government’ has no power to implement GDPR in the member states – that’s the job of the member states’ Government – each of whom may or may not have implemented in exactly the same way – the UK Governments Civil Service has for the past forty years implemented every element of EU legislation with the zeal of a zealot, and empowering councils to chase the most trivial transgression of say food pricing in pounds and ounces. There are strict regulations on chilled products, also enforced in the UK, visit any small town in France on market day and you’ll see the same regulations being totally ignored!. So enforcing GDPR is down to the Information Commissioners’ Office in the UK and similar organisations in the EU. They are chasing the big fish, not the minnows, hoping the whopping penalties will encourage everybody to be more careful with other peoples’ personal data and to NOT resell it.