By Andreas Kißler
BERLIN (Dow Jones)–The European General Data Protection Regulation (GDPR), which has been in force since May 2018, remains one of the biggest drivers of bureaucracy for German companies even after six years. This is the result of a survey by the German Chamber of Commerce and Industry (DIHK) among 4,900 companies from almost all sectors, as the DIHK announced. Afterwards, more than three quarters of the companies still reported a “high to extreme” effort in implementing the GDPR in their everyday operations. “This value applies to all company sizes,” said DIHK general counsel Stephan Wernicke.
What is particularly critical is that among companies with up to 19 employees, almost one in four companies classifies their own GDPR effort as “extreme”. However, the law expressly allows relief for small and medium-sized companies. “However, this should be formulated more clearly so that it can be used in practice,” warned Wernicke. According to the survey, companies continue to attach great importance to the issue of data protection. More than 60 percent of companies say that the importance of the topic has increased for them in the past three years due to the threat of cyber attacks.
In addition to the burden of bureaucracy, companies complained primarily about legal uncertainty and its consequences. “It is noteworthy that companies with GDPR experience in other EU member states mostly experience the data protection authorities there as less strict than the German authorities,” said Wernicke, referring to the survey results. “Around half of the companies also see themselves as having different legal opinions within Germany of the responsible data protection authorities. “Such legal uncertainties are slowing things down digitalization and the conversion of business processes.”
The harmonization sought by the GDPR must therefore be pursued more stringently. 69 percent of companies also complained about ambiguities and risks regarding the legal consequences of possible violations of the GDPR. “In particular, the questions of possible damages are still unresolved,” said Wernicke. Collective actions through the new Consumer Rights Enforcement Act increased the risk of claims for damages, which are difficult to calculate.
Contact the author: [email protected]
DJG/ank/sha
(END) Dow Jones Newswires
February 27, 2024 04:22 ET (09:22 GMT)