EU report says GDPR still isn't really working fully

(Image credit: Pixabay)

The European Commission has released a report saying that GDPR enforcement is still not fully up to scratch.

Two years on from its launch, the regulations continue to try and crack down on websites and technology companies abusing user data, but "areas for future improvement" are still to be found, the report said.

GDPR remains "at the heart of the EU framework guaranteeing the fundamental right to data protection," it adds, however enforcement of the rules and punishments laid out two years ago remains lax in some cases.

EU GDPR

“The general view is that two years after it started to apply, the GDPR has successfully met its objectives of strengthening the protection of the individual’s right to personal data protection and guaranteeing the free flow of personal data,” the report says. “However, a number of areas for future improvement have also been identified.”

This includes the fragmentation of GDPR across the continent, as EU member states still had to pass individual laws that settled GDPR with local regulations. This has led to legislation in some countries being markedly different to others, leading to a number of possible legal grey areas.

“Developing a truly common European data protection culture between data protection authorities is still an on-going process,” the report notes.

“This fragmentation also creates challenges to conducting cross-border business, innovation, in particular, as regards new technological developments and cybersecurity solutions.”

The report names data protection as "a pillar of citizen's empowerment", and notes that overall, the impact of GDPR does appear to be being felt across the continent. Recent research found that over two thirds (69 percent) of EU  citizens aged 16 or older were aware of the regulations, with 71% saying they had heard of their national data protection authority. 

The increased need for remote working during the global pandemic has led to a greater amount of scrutiny on data protection and GDPR. Recent research from Bitglass found that nearly two-thirds (63 percent) of companies believed remote work is likely to impact their compliance with mandatory regulations such as GDPR.

The EU is also hard at work building its own multi-national cloud computing network to reduce reliance on US-built services. The system, known as Gaia-X, could help enforce regulations such as GDPR, moving towarrds forming consistent standards concerning how data is stored and processed on servers located in the European Union.

Via VentureBeat

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.