Posts: 16,113
Threads: 10,248
Thanks Received: 9,329 in 7,475 posts
Thanks Given: 10,286
Joined: 12 September 18
08 May 19, 16:34
Quote:
GDPR One Year Later – How Well Was It Implemented?
May 2018 brought on the mandatory implementation of GDPR regulations for Europe, but, de facto, for the entire world since European users can freely roam across the internet of pretty much all countries.
Much to the fretting of virtually everyone else around the world, lots of companies and websites located outside of EU had to review and restructure not just the text from their privacy policies, but their actual data collection practices.
GDPR One Year Later: An Interview with Bogdan Manolea
Now, a year later, on the law’s 1st anniversary since its implementation, I decided to have a talk with someone who understands much more about it than me, namely with Bogdan Manolea from the Romanian Association for Technology and Internet (APTI) and from Trusted.ro (the 3rd party seal of approval for e-commerce websites, vouching for their safety and honesty following independent tests).
He doesn’t like the word expert, but I don’t really know how to introduce him avoiding the word. Let’s just say he’s the first person who comes to my mind whenever I have some issues and doubts regarding digital rights in general (not just the very recent GDPR).
Here’s what we talked about and what his answers were. [The interview was a bit edited for length and clarity.]
1. As a GDPR expert, what’s your take on how this law was implemented in Europe and beyond, now, almost one year later since its principles became enforced?
First, I hate the words “GDPR expert”. I don’t understand how you can be an expert in a law that was adopted three years ago and it started to be implemented one year ago. This is just marketing bullshit, IMHO.
Moreover, the truth is that data protection existed for a long time in Europe as a specific domain and the Council of Europe Convention 108 on automatic processing of personal data exists from 1981. Even the first EU directive exists from 1995.
So, the fact that some media picked up the subject only recently or that companies have become much more aware since the huge fines from GDPR were advertised, that is just their problem.
But the concern for privacy and personal data protection, including specific legislation on the matter, have existed in Europe for decades. Even the principles are almost the same from 1981.
The need for a law more in line with the digital processing of personal data has been discussed for years and the digital rights groups from Europe (including myself from APTI in Romania) have been active in pinpointing the limits of the previous directive from 1995 and asking for a better legislation that is unique at the entire EU space level. This is why GDPR was adopted in 2016 and it started being applied in 2018.
So the principles should have been enforced for some time, actually. The fact that we are still discussing how companies are implementing the data protection principles after decades of laws in this domain shows us that the legislation was basically inefficient, to a large extent.
Continue Reading
GDPR and Data Breach Risks: An Interview with Bogdan Manolea of ApTI
![[Image: heimdal-logo.svg]](https://heimdalsecurity.com/blog/wp-content/themes/heimdalv2/images/heimdal-logo.svg){kind=logo}
![[-]](https://www.geeks.fyi/images/collapse.png "[-]")
