• by Ray Schultz , Columnist, January 25, 2018

Maybe the dreaded General Data Protection Regulation (GDPR) isn’t so scary after all.

Only two EU member states have adopted national legislation to support the GDPR, the European Commission said yesterday. Law 360 identified the countries as Germany and Austria. 

The Commission shared that revelation when announcing the publication of guidance on GDPR compliance. It’s a timely document, given that there are slightly more than 100 days to go before the GDPR takes effect.

It proves that countries are in the same boat as businesses — they are still trying to make sense of it. 

Here’s a bit of clarification. The Commission says member states should “adapt national legislation to new rules as soon as possible to give operators enough time to prepare. 

• This would require that they:
• Repeal and amend existing laws.
• Set up national data protection authorities.

Repeat the text of the Regulation in national law.

Countries would also have to supply the necessary resources and grant complete independence to their Data Protection Authorities. The Commission concedes, however, that “preparations are progressing at various speeds across Member States.”

Based on this, one wonders if this is one of the biggest boondoggles ever to hit the Western world.

Every day, it seems, a report comes out stating that some business sector or other isn’t ready for GDPR, and may not even know about it. 

But government ministers should get their own houses in order before lecturing business people. They’re clearly not ready for the GDPR.

Not that you can afford to take the GDPR for granted. There are savage fines for noncompliance, and we bet they will be enforced, one way or the other.   

For its part, the Commission has allotted EUR 1.7 million to fund data protection authorities and train data protection professionals. And it has set aside EUR 2 million to support national authorities in reaching out to businesses in certain categories — especially SMEs.  

But that’s not a lot of money, considering that there are 28 countries in the European Union. 

The Commission has also established an online tool to help citizens, SMEs and other businesses comply and benefit from the GDPR.

Meanwhile, in other GDPR-related news:

• A report from SafeDK states that over 55% of all mobile apps may not be compatible with the GDPR and Google Play requirements. They will have to make code changes. 
• TrustArc has launched the TrustArc Individual Rights Manager to help companies deal with data subject access rights requests in accordance with the GDPR.

So, like it or not, the GDPR is roaring down the track. And here’s the justification.

"Our digital future can only be built on trust,” statesAndrus Ansip, European Commission VP for the Digital Single Market.Everyone's privacy has to be protected.

Ansip adds: “Strengthened EU data protection rules will become a reality on 25 May. It is a major step forward and we are committed to making it a success for everyone."