The European General Data Protection Regulation it is still a long way from its goal of creating uniform data protection rules in Europe. And this despite the fact that the vast majority of companies have now implemented the requirements of the GDPR. This is demonstrated by a representative survey commissioned by the digital association Bitkom among 503 companies with 20 or more employees in Germany.
67% praise the fact that the GDPR sets global standards for the processing of personal data. And one in two companies (50%) believe that the GDPR will lead to a level playing field within the EU. However, 70% still do not see uniform data protection across the EU due to different interpretations of the GDPR in member states.
The assessment towards your own company is also mostly critical. 40% see no competitive advantage through the GDPR in the international market for their company and 30% even see competitive disadvantages. This contrasts with 16 and 13%, respectively, who describe the GDPR as a small or large competitive advantage.
“The idea of the GDPR to create a uniform data protection framework with high standards for Europe was and is correct. So far, however, it has not been possible to derive the competitive advantage that is often claimed,” says Bitkom CEO , dr. Bernhard Rohleder.
Data protection efforts have increased for the GDPR
The vast majority have now implemented GDPR, either fully (22%) or mostly (40%). A third (33 percent) consider themselves partially on target, only 2 percent are just starting implementation, and no company has done anything yet. Virtually all companies have increased their data protection efforts since the introduction of the General Data Protection Regulation (GDPR).
“The DS-GVO is not a one-time plan that you assume and then implement once,” says Rohleder. “It requires continuous efforts, especially when introducing new business processes and digital technologies, and a constant reaction to new interpretations, such as court decisions or information from the numerous supervisory authorities,” says Rohleder.
DS-GVO: Above all, external factors are slowing down
In the opinion of the companies, the fact that the implementation of the GDPR has not yet progressed is mainly due to reasons for which they are not responsible. Above all, they are faced with legal uncertainty and a contradictory interpretation of data protection rules within Europe and between federal states.
Companies are currently critical of the implementation of data protection in Germany. Two-thirds say strict data protection in Germany makes digitization more difficult (68%), and almost as many say inconsistent data protection inhibits digitization (65%). And 61 percent say that Germany goes too far with data protection: a year ago the figure was still 50 percent.