Four in 10 firms admit to failing on GDPR

Almost four in ten firms are still failing to follow the General Data Protection Regulation, despite it coming into force – alongside penalties for ignoring it -- nearly three months ago.

In fact, 37 per cent of businesses confess to not being ‘GDPR-compliant,’ leaving them open to fines for neglecting to abide by the May 25th regulation, found MarketingSignals.com.

More surprisingly for a rule that ‘resides at the crossroads of legal and tech,’ IT/Computing companies emerged as the biggest shirkers of GDPR responsibilities, the agency said.

Among such IT businesses, 42 per cent admitted to flouting their GDPR obligations, making them almost twice as errant as the next biggest culprits – Retailers (26 per cent).

Sending emails without expressed consent is the most common breach; followed closely by the storing of data from people who have not agreed to ‘opt-in’ to have their data stored.

The other non-compliant practices are failing to secure data in case of a ransomware attack; overly long opt-out processes, and having privacy-friendly choices ‘hidden’ from consumers.

Gareth Hoyle, managing director of MarketingSignals said firms still needed to understand that ethical, responsible customer data practices were crucial to ensuring customer trust.

“Not only this, but it will enhance the quality of data collected which is a good thing”, he added, referring to the 17% of firms who said they were unsure if GDPR offers any benefits.