GDPR Two Years On: Compliance Lessons LearnedAttorneys Discuss Gaps That Still Need To Be Addressed
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
"The notion that GDPR would be cost-neutral for businesses has been wrong," Armstrong says. "There are few benefits to businesses. This promised 'single road' where data protection law would be the same across the EU, therefore saving businesses millions, has been proven to be nonsense."
In an in-depth video panel discussion with Information Security Media Group, the three attorneys discuss:
- Whether citizens and businesses are better off since the enforcement of GDPR;
- What challenges still remain;
- How new technologies, such as artificial intelligence and facial recognition, will impact the nature of privacy.
Finch is senior counsel at the Future of Privacy Forum, based in Seattle. She leads the organization's smart cities working group. Previously, she was an inaugural Westin Fellow at the International Association of Privacy Professionals.
Armstrong, an experienced lawyer with Cordery in London, is an expert on data protection and data security law. He advises multinational companies on risk, compliance and technology.
Dumont is a partner at the U.S.-based law firm Hunton Andrews Kurth who leads its Brussels privacy and cybersecurity practice. He assists multinational clients with GDPR compliance.