NABLA Business Lawyers Group
Administrative address
Operational address for Spain
Image Alt

NABLA Business Lawyers

RGPD: 6 years on, where do we stand? Discover our in-depth analysis of the remaining progress and challenges!

With the General Data Protection Regulation (GDPR) now six years old, it is essential to assess the progress made in protecting the data and privacy of European citizens, while considering the practical implications for businesses. As a business law firm, we have reviewed the relevant sources and incorporated practical considerations into this contribution.

The GDPR, which has been in force since 2018, has undoubtedly improved the protection of personal data and increased privacy awareness. Companies have invested heavily in RGPD compliance, putting in place internal policies and mechanisms to protect their customers’ data. EU citizens now have stronger data protection rights.

However, the challenges that remain should not be minimised. National data protection authorities need to intensify their cooperation to ensure a smooth implementation of the GDPR across Europe. The EDPB (European Data Protection Board) and European Commission reports highlight the importance of consistency and coordination between different authorities to ensure the effectiveness of the GDPR.

From a practical point of view, small and medium-sized enterprises (SMEs) need specific support to comply with the RGPD. The CIPL article and the European Commission report suggest that SME-friendly resources and guidance should be developed to help these key players in the economy comply with the requirements of the RGPD. Some of these practical recommendations include appointing a data protection officer, training and raising awareness among employees, setting up internal procedures, conducting data protection impact assessments, drafting and updating privacy policies, managing consents and preparing data breach response plans.

In sum, the progress made since the implementation of the GDPR is encouraging, but there is still much to be done. Businesses, data protection authorities and legislators need to work together to ensure a smooth and effective implementation of the Regulation. It is also crucial to provide appropriate support to SMEs to help them comply fully with the RGPD. By taking a collaborative approach and addressing the challenges identified, we can build a future where personal data is protected and respected across the EU.

Sources used :

1. “Two Years of GDPR: Questions and Answers” (2019) –Link
2. European Data Protection Board (EDPB) report –Link
3. Centre for Information Policy Leadership (CIPL) paper –Link

4. European Commission report –Link