There are only 6 months left till the GDPR enters into force across the EU member states. It introduces the right "to be forgotten", which grants the right to request a full removal of all data concerning the applicant from a company's database.
 
So, which business sectors might be particularly hit by the GDPR?
 
It seems that social media companies are the most at risk. They operate in a personal data abundant environment. Given also the frequent updates made by users of those sites, it is also difficult to control the flow of information. The operators of those sites also gather a huge amount of data related to individuals habits and behaviour. The geo-location technology allows them to pinpoint the user's location to any place on Earth, and a lot of people who are uploading their holiday photos are not even aware of this.
 
Data is also often stored not just in one file, but it is spread throughout the whole system in multiple locations. Most companies are not prepared to handle incoming requests for deletion of data.
 
Thus companies have to adopt the right approach and ensure they are compliant with the GDPR. They will also most probably have to change their operating model from harvesting large chunks of data indiscriminately to storing a more selected data stream from the users.

About the Author

Back to list

Read also