Despite progress of GDPR, digital transformation still lacks a regulatory pillar


Now into the third year of GDPR, questions are being asked about what change it has brought about. This article notes there have been around 340 GDPR fines totaling approximately $180 million over the last two years. However, two of the largest fines amounting to a combined $350 million are still to be confirmed in the coming weeks — British Airways ($229mn) and Marriott ($123mn).



The fines are notable, especially if the BA and Marriott penalties stick. But two years into its existence, two of the biggest impacts of GDPR could be the way in which it has helped raise public awareness of privacy issues, and the fact that it has created a common regulatory position on the topic. Big tech companies—especially the data brokers like Google and Facebook—initially lobbied against the regulation, warning amongst other criticisms about the hindrance it would place on innovation. But this has not come to fruition.

It remains to be seen how much the landmark regulation has changed the privacy and data protection practices of companies. Despite increasing proclamations from companies like Apple and Microsoft about data privacy as a human right in need of comprehensive legislation at a federal level, no such bill is in sight in the US.

Data is today’s most valuable asset, yet it continues to go largely unregulated. As we have highlighted before, well enforced regulation of how data is used and how well it is managed by companies is still needed as a pillar of the digital transformation that dominates the global economy.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website