GDPR & Customer Data Protection: GDPR’s biggest impact may ultimately be its effect on overarching laws to protect customer data.

GDPR’s one-year-old story is interesting in and of itself. Therefore, it is perhaps most exciting in terms of what it portends for the future of data privacy. This is also including, companies’ and the U.S. government’s willingness and ability to protect customer data.

GDPR is a regulation in the EU law for governing management and egress of personal data for EEA citizens. This area encompasses all EU countries that are signatories of the regulation. In addition, it includes as well, citizens of Iceland, Liechtenstein, and Norway. Entities that collect and process personal data for those countries’ citizens have specific liabilities under this regulation. First, they must conform to certain stewardship practices. In addition, they should comply with what is really a “bill of rights” for personal control of data. The GDPR was passed in 2016 and went into effect on May 25 of 2018.

The advisory board for the GDPR, also known as European Data Protection Board, has released information about some of the effects of GDPR through the end of 2018.

GDPR and Customer Data Protection: 95000 complaints within the first year

Specifically, there were about 95000 complaints to the GDPR during that time period. 60000 of those, were lodged between May 25 and November 2018. In December of that year, there was a nearly 60% increase from that accumulated total. 35000 complaints, only in that month alone. Likely reasons for the spike include data breaches. Many of them have been involving Facebook, Quora, Google+, and Signet Jewelers (parent company to Jared and Kay Jewelers).


There were more than 41000 reports of data breaches, nine months after GDPR went into effect. Under the regulation, data compliance officers have 72 hours to report breaches.

To read more about this GDPR & Customer Data Protection article, please click here.