The European Commission has released a report saying that GDPR enforcement is still not fully up to scratch.
Two years on from its launch, the regulations continue to try and crack down on websites and technology companies abusing user data, but "areas for future improvement" are still to be found, the report said.
GDPR remains "at the heart of the EU framework guaranteeing the fundamental right to data protection," it adds, however enforcement of the rules and punishments laid out two years ago remains lax in some cases.
- UK Home Office 'repeatedly breached GDPR'
- These are the best website builders around today
- Cookie consent tools are undermining GDPR
“The general view is that two years after it started to apply, the GDPR has successfully met its objectives of strengthening the protection of the individual’s right to personal data protection and guaranteeing the free flow of personal data,” the report says. “However, a number of areas for future improvement have also been identified.”
This includes the fragmentation of GDPR across the continent, as EU member states still had to pass individual laws that settled GDPR with local regulations. This has led to legislation in some countries being markedly different to others, leading to a number of possible legal grey areas.
“Developing a truly common European data protection culture between data protection authorities is still an on-going process,” the report notes.
“This fragmentation also creates challenges to conducting cross-border business, innovation, in particular, as regards new technological developments and cybersecurity solutions.”
The report names data protection as "a pillar of citizen's empowerment", and notes that overall, the impact of GDPR does appear to be being felt across the continent. Recent research found that over two thirds (69 percent) of EU citizens aged 16 or older were aware of the regulations, with 71% saying they had heard of their national data protection authority.
The increased need for remote working during the global pandemic has led to a greater amount of scrutiny on data protection and GDPR. Recent research from Bitglass found that nearly two-thirds (63 percent) of companies believed remote work is likely to impact their compliance with mandatory regulations such as GDPR.
The EU is also hard at work building its own multi-national cloud computing network to reduce reliance on US-built services. The system, known as Gaia-X, could help enforce regulations such as GDPR, moving towarrds forming consistent standards concerning how data is stored and processed on servers located in the European Union.
- Keep your data protected with the best VPN software around