Home
About Us
Our StoryContact UsAdvertise With UsOur Media PackOur Team
Latest News
Corporate Social ResponsibilityCATEGORYFinanceCATEGORYInnovationCATEGORYLeadershipCATEGORYLegalCATEGORYM&ACATEGORYStrategyCATEGORYView All Articles
Issues (Magazine)
February 2025LATESTJanuary 2025Issue 12 2024View All Publications
Our Awards
Current AwardsArchived AwardsRecent Winners
SubscribeFREE

© Copyright Acquisition International 2025 - All Rights Reserved.

Article Image - GDPR: The Five Most Risky Legal Misconceptions
Posted 4th May 2018

GDPR: The Five Most Risky Legal Misconceptions

Despite being one of the most widely debated regulatory changes to have hit organisations in recent years, only 7% of companies are “fully prepared” for the impending implementation of GDPR, and a massive 60% are in real danger of missing the deadline for compliance, according to a study by Crowd Re

Mouse Scroll AnimationScroll to keep reading
Let us help promote your business to a wider following.
Chat To Sales See Our Awards

Home » News » Legal » GDPR: The Five Most Risky Legal Misconceptions

GDPR: The Five Most Risky Legal Misconceptions
Image

GDPR: The Five Most Risky Legal Misconceptions

Despite being one of the most widely debated regulatory changes to have hit organisations in recent years, only 7% of companies are “fully prepared” for the impending implementation of GDPR, and a massive 60% are in real danger of missing the deadline for compliance, according to a study by Crowd Research Partners.

With some of the biggest regulatory fines in history on the table, plus the risk of enormous reputational damage and adverse publicity for those who make serious breaches, this is not something to be taken lightly. Barristers-at-Law, Quentin Hunt and Dean Armstrong QC (co-author of Cyber Security- Law and Practice) examine some of the most common misconceptions, what they could mean for you and your organisation, and how to avoid seriously detrimental penalties.

 

1.       It’s not just about the fine

One of the biggest GDPR headlines is the scale of the fines that could be imposed on those who don’t get the regulations right. Such fines are likely to be used as a last resort, but with certain infringements carrying a penalty of up to €20 million, or 4% of worldwide annual turnover – whichever is higher – the financial risk is hefty. The circumstances, such as the nature, gravity and duration of the infringement, will dictate the amount – but the true cost of any major breach doesn’t end there. As the privacy scandal that has engulfed Facebook has shown, the reputational damage of not handling data appropriately can be even higher. In the first 24 hours after the news broke, some £25 billion was wiped from the social media platform’s share value. And the fallout continues with other channels scrambling to make their privacy policies clear to users. Extremely serious breaches could even generate the prospect of a class action against the offending company.

2.       The issue is broader than the European Union

One of the biggest misunderstandings in this area is that GDPR is confined to companies that are physically based inside the EU. Essentially, any company that wants to do business with EU customers – be it by selling goods or services, or by monitoring behaviour in some way – will have to meet the GDPR – or equivalent – standards of data protection. The legal reasons for this are bound in the way in which trade with the EU operates. There are three main routes to market here:

  • Similarly, bilateral trade deals usually require the non-EU country to apply laws that are at least as demanding as EU legislation. Here, we can look to Switzerland as the example.
  • Independent trade deals can be undertaken without the regulatory burden, but even then GDPR still requires the appliance of ‘adequate’ protection in order to allow EU members to pass information the non-EU country. 
  • As Jan Phillip Albrecht LL.M, Member of the European Parliament and Vice Chair of its Civil Liberties, Home Affairs and Justice Committee, wrote in 2016: “It is paramount to understand how GDPR will change not only the European data protection laws but nothing less than the whole world as we know it.”

 

3.       Interpretation is king

One of the main issues that any firm’s lawyers will have to grapple with is the fact that these are not clear-cut, black and white rules we’re dealing with. GDPR is principle-based regulation, and any investigation conducted by the Information Commissioner’s Office (ICO) will ask questions about whether ‘effective’ consent was obtained by the person who owns the data and whether that data is considered ‘current’. The interpretation of words like ‘effective’ and ‘current’ will be entirely at ICO’s discretion and would involve a legally-based assessment – making it considerably more difficult to determine whether your measures are sufficient without contextual and expert advice.

 

4.       This is a company-wide issue

This is one of the biggest changes ever seen in the way that businesses use, manage and protect personal data. Under GDPR, personal data belongs to the individual and businesses are simply its guardians. This is not something, therefore, that senior executives can just pass down to their compliance team. It’s going to require employee training for anyone who handles data. It’s going to require that businesses regularly scrutinise the kind of data they handle. It’s going to require a review of every employee and subcontractor contract. And it’s going to require the implementation of adequate mitigation processes, should employees find themselves handling a breach.

 

5.       Technology is not a “catch-all” solution

A lot of the focus on GDPR has concentrated on big data hacks, and there’s no doubt that companies need to be thinking about their cybersecurity measures. But, there are some risks that simply cannot be fixed by computers – consider, for example, confidential papers left in a taxi. The other seismic shift that GDPR causes is on technology itself. No longer will companies – for instance those offering loans – be able to use automated decision-making technology to offer or deny customers a service, such as a mortgage or a loan, based purely on an automated credit score. Technology will absolutely help companies protect themselves, but it should not be considered a panacea.

 

If you are concerned about whether you’re ready for GDPR, it may be worth taking legal advice, or, at the very least, asking yourself some key questions such as:

 

  • Can the data that we handle be anonymised?
  • Where is the data that we handle actually going?
  • Have I given my employees the correct information to prepare them for this change?
  • Are our contracts GDPR compliant?
  • Do we need to hire a data protection officer?
  • Should we seek specialist legal advice to ensure that we are compliant?
  • Do you have adequate processes in place should employees have to handle a serious data breach?

 

To get a quick overview of whether your GDPR compliance knowledge is up to speed, you can also take Quentin’s GDPR quiz.

 

If you wish to seek specialist legal advice on this subject you can contact Quentin Hunt here.

Categories: Legal

Sidebar Image - Our Awards
Our Awards

Discover our award winners and nominate businesses you know deserve recognition!

View Our Awards
Sidebar Image - Our Issues
Our Issues

Keep up to date with industry leading news, and key business features.

View Our Issues
You Might Also Like
Read Full PostRead - Eye Icon
Six Important Tips to Build Local Awareness for Your BrandNews
04/09/2023Six Important Tips to Build Local Awareness for Your Brand

Business branding is not a new concept for local businesses. Every business wants to enhance the overall perception of their brand, product, or service. However, it can be a hard endeavor to achieve when you have so much competition around you. In such circums

Read Full PostRead - Eye Icon
What Is A Hedge Fund?Finance
20/12/2018What Is A Hedge Fund?

An alternative investment, Hedge Funds are a form of fund that everyone has heard of but not everyone fully understands. In this article, Staff Writer Hannah Stevenson offers a brief overview of Hedge Funds and the benefits they provide for a seasoned investor

Read Full PostRead - Eye Icon
Could the Extinction of the Paper Receipt Cause a Change in Your Spending Habits?Innovation
06/01/2020Could the Extinction of the Paper Receipt Cause a Change in Your Spending Habits?

Paper receipts account for 1.5 billion pounds of environmental waste each year in the United States alone. So, is it time for paper receipts to become extinct? As a way of reducing the amount of waste you are producing this seems like the way forward for most

Read Full PostRead - Eye Icon
Setting Industry StandardsInnovation
12/03/2020Setting Industry Standards

An activity that was once exclusive to elite individuals has become an easily-accessible, readily available, and highly exciting venture for people across the world. Trading and investing has grown alongside technology to become an increasingly intuitive activ

Read Full PostRead - Eye Icon
Building Trust in Digital Securities: Insurance’s Time To Step UpNews
10/02/2020Building Trust in Digital Securities: Insurance’s Time To Step Up

Assurely’s Co-Founder and Chief Insurance Officer, Ty Sagalow shares his views about the role insurance can play to advance digital securities.

Read Full PostRead - Eye Icon
Commercial and Private Client Advisory ServicesStrategy
29/02/2016Commercial and Private Client Advisory Services

Veale Wasbrough Vizards (VWV) is a UK top 100 law firm with offices in London, Bristol, Birmingham and, from 1 February, Watford. We are a full service firm in our locations offering commercial and private client advisory services, with a national presence in

Read Full PostRead - Eye Icon
British Businesses Adopting a Zero-Waste StrategyCorporate Social Responsibility
12/05/2022British Businesses Adopting a Zero-Waste Strategy

Here, we will list three British businesses leading the way and incorporating zero waste strategies. This includes corporations that favour sustainable waste management over zero-waste-to-landfill and waste-to-energy solutions.

Read Full PostRead - Eye Icon
Measuring Success in Change Management: Metrics, KPIs, and Evaluation MethodsNews
23/05/2024Measuring Success in Change Management: Metrics, KPIs, and Evaluation Methods

Change practitioners are expected to measure the contributions of all their change management activities in order to achieve the desired success on their projects. Change is something that every organization needs to go through to progress.  By adopting t

Read Full PostRead - Eye Icon
How to Set and Achieve Your Business GoalsLeadership
27/04/2020How to Set and Achieve Your Business Goals

The ability to set and reach goals within your career is an important part of success in business. As a business leader, you need to be able to help others create and achieve their goals as well as your own. However, even the most ambitious and capable people

View More Articles
Advert banner - ACQ - Non-Profit Organisation Awards 2025 AD
Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have 14 unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

APAC Insider
BUILD Magazine
LUXlife Magazine
GHP News
The Business Concept
New World Report
Wealth & Finance International
SME News
Innovation in Business

MORE BRANDS

Arrow
Athina Fouchard Papaefstratiou ArbitrationHamrun Hanin Voluntary OrganizationLatana Brand TrackingEveraxisKPM ASSETGrant Thornton AustriaPosiROI LLCThe Law Office of Calvin Goldman, KCP.D. Audit LtdElevated Talent LTDAnna Wynne & AssociatesMENRV.AIMERH-IP Matias Erny Reichl Hoffmann Patentanwälte PartG mbBE S Pet CareLegacywiseFashion Studio MagazineKickdrum PartnersTopstone SolicitorsHui Ye Law FirmBrowstheticsEscape Reality Magic ShowIronYunKobre & Kim LLPMARTÍN, ISLA Y PICKERING, S.C.VK Property ManagementZilliqaElizabeth Sands Beauty SchoolCLOEme Paralegal ServicesKyribaJayne Constantinis – Trainer, Speaker, Presenter, Voice-overGeorge Green Solicitors LLPBucket List EventsOS Phoenix Bidco.Axcynsis Therapeutics