The European General Data Protection Regulation came into force on May 25, 2018. The most obvious impacts for consumers are likely cookie consent boxes and references to privacy policies on websites. For companies, however, the GDPR means a great deal of additional effort and problems when processing personal data. 62 percent of the 602 companies with 20 or more employees surveyed by Bitkom are hesitant about using data for fear of violating data protection regulations. 60 percent have already halted innovation plans because data protection regulations or uncertainties forced them to do so.
"A uniform data protection law for the entire EU was and remains a great project for citizens as well as for the EU as an economic area. However, after five years of the General Data Protection Regulation, it must be said: The GDPR has not fulfilled its promise to ensure uniform, understandable, and practical data protection rules across Europe. Instead, the independent interpretation of the rules by each national and regional supervisory authority leads to legal uncertainty."
says Bitkom President Achim Berg.
"Many companies are therefore refraining from developing new technologies and services – or relocating their projects abroad. This is evident not least in bans on innovative technologies such as ChatGPT in individual EU member states, which are causing massive uncertainty."
GDPR anniversary: “Data protection is extremely important in our digital world”
Data protection requirements are costing concrete opportunities for growth and prosperity, according to at least 58 percent of the companies surveyed. 63 percent say that strict regulations are stifling innovative data-driven business models in Germany or driving them out of the country.
"Data protection is extremely important in our digital world. However, we are currently experiencing a paralyzing fear of mistakes and a one-sided trade-off between data protection and the added value of data use,"
Berg says. This applies, for example, to cross-border cooperation projects and medical research, but also to the digitalization of healthcare or administration. Small and medium-sized enterprises in particular lack practical support to implement innovative business ideas and grow in the data economy. Berg says:
"We must view data processing as an opportunity, not always as a risk. If we continue as we have for five years, we will weaken our ability to innovate and compete."
Startups that have taken up the issue are proving that the GDPR also offers opportunities for companies. In episode 59 of the Munich Startup Podcast, we introduce four Munich-based data protection startups.
