The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually every business in the UK needs to comply with it. However, there are still some misconceptions surrounding the law and what it means to organisations. This can lead to difficult situations where mistakes can be made.
Myth 1: The large fines are just a threat
The GDPR made headlines for a long time back in early 2018 before the regulations came into force. During this time, much was made of the extremely heavy fines that could be placed in businesses that failed to comply with the regulations. These were reported to be up to €20 million or 4 percent of global turnover, whichever figure was greater.
For example, in 2016 WhatsApp was issued with a penalty of €10,000 for each day that they failed to comply with Dutch data laws. This was before the GDPR came into force, but since the instigation of laws, there has been an extremely heavily penalty issued against Google for the company’s failure to comply with the rules.
Myth 2: The GDPR won’t apply to the UK after Brexit
There is a common misapprehension which might be something of wishful thinking on the part of business owners who don’t want the hassle of achieving compliance with GDPR regulations. This is that UK businesses will not need to comply with the GDPR after Brexit because it is an EU law and that this standard will not apply to Britain.