There is no "ish" in privacy: GDPR 3-5 years later

Send us a text

On this week of #SeriousPrivacy, Paul Breitbarth and K Royal discuss the European Union’s General Data Protection Regulation, because three years ago from the day this episode was released (May 25, 2021), the GDPR went into effect.  And whether you consider it three years or or five (per this Twitter debate), it was a world-changing event. 

In this episode, they talk about the changes seen in the past three years, including the two years before that when the GDPR was passed. They discuss penalties and amounts known, but also the most frequent violations. Companies can learn alot by looking at enforcement to know where to prioritize their compliance activities - or at least what to check to make sure it is properly in place. They discuss the locatemyfamily.com that has been in the news lately, including for not appointing a European representative, and the challenges the data protection authorities faced to investigate the complaints across the ocean.

In addition, they discussed how the GDPR impacted US legislation, such as the concept of controllers and processors, and the definition of sensitive personal data. The GDPR influenced the California Consumer Privacy Act (CCPA), or more so the California Consumer Privacy Rights Act (CPRA) and the Virginia Consumer Data Protection Act (CDPA) - the latter two take effect in 2023. There is discussion of the importance of EU representatives - and there is a passing mention of the upcoming standard contractual clauses. 

As always, if you have any questions or comments, please feel free to contact us at [email protected]. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. 

Powered by TrustArc
Seamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.

With TrustArc’s Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.

If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email [email protected]. Rate and Review us!

From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.