Ignorance of EU data reforms will cost you dear

Businesses are clueless about EU data protection reforms. That’s a dangerous way to be, given that they could be sued just for causing distress.


A survey of 506 data professionals working in UK businesses, carried out by London Economics on behalf of the UK Information Commissioner’s Office (ICO), reveals today that 87 per cent of them don’t know what it will cost to implement the EU’s General Data Protection Regulation.

Worse still, accurate understanding of the new regulation, likely to come into force in 2016, is very scant indeed. The survey interviewees were asked questions about the 10 main provisions proposed by the new law and 40 per cent failed to give a fully accurate description of any of them. Not one. And these are data specialists.

You might say, given that the regulation hasn’t even been passed by the European parliament yet and that it will be three years before its impacts are felt, that the current level of ignorance is not a serious concern.

But there’s another key reason why businesses should urgently start familiarising themselves with the regulation – a reason that has received virtually no public attention so far. According to the EU committee putting together the data reforms, consumers should now be entitled to claim for damages resulting from “non-pecuniary losses”.

That means they wouldn’t have to suffer financial problems as a result of a company’s illegal data practices in order to be awarded damages. It means they would only have to show they have suffered distress.

The argument in favour of reforming data protection laws is that breaches that have the potential to cause such distress should become rarer, because data collection is minimised and the accuracy of the data held should be improved. But clearly, the punishments for any lapses will be higher and the barriers against consumers taking legal action will be lower. They could also launch class actions in groups, represented by consumer associations, for example.

Aside from the costs of actually complying with the law, this particular change opens businesses up to a whole new level of potential liability they’ve never been exposed to before. Breaching the rules because you don’t know what they are could incur penalties that threaten the very existence of some small companies.

The ICO’s research shows that businesses don’t appreciate how fundamental the EU’s proposed reforms to data protection are. It may be nearly three years before the new law is actually enforced, but it will drastically change the way you use data.

The only way to get a handle on it – and how much it could cost you – is to start preparing now.

Latest from Marketing Week


Access Marketing Week’s wealth of insight, analysis and opinion that will help you do your job better.

Register and receive the best content from the only UK title 100% dedicated to serving marketers' needs.

We’ll ask you just a few questions about what you do and where you work. The more we know about our visitors, the better and more relevant content we can provide for them. And, yes, knowing our audience better helps us find commercial partners too. Don't worry, we won't share your information with other parties, unless you give us permission to do so.

Register now


Our award winning editorial team (PPA Digital Brand of the Year) ask the big questions about the biggest issues on everything from strategy through to execution to help you navigate the fast moving modern marketing landscape.


From the opportunities and challenges of emerging technology to the need for greater effectiveness, from the challenge of measurement to building a marketing team fit for the future, we are your guide.


Information, inspiration and advice from the marketing world and beyond that will help you develop as a marketer and as a leader.

Having problems?

Contact us on +44 (0)20 7292 3703 or email customerservices@marketingweek.com

If you are looking for our Jobs site, please click here