The European General Data Protection Regulation (GDPR) represents the biggest change to the EU’s privacy laws in almost a generation.
However, despite it being ratified two years ago, there appear to be major compliance problems ahead of the May 25 deadline.
Privacy site vpnMentor analyzed 100 websites in each EU member state using the popular MailChimp email marketing service. Any firm using this platform would have to comply with the GDPR’s strict new rules governing privacy policies, it said.
From the end of May, organizations will be required to be much more open and honest with users about how their data is collected and what it is used for, and each organization's new privacy policy must reflect this in clear English.
Unfortunately, just 34% of websites across the EU are compliant at present, with the figure falling to 31% in the UK.
Germany (67%), Austria (59%), Italy (51%), Cyprus (50%) and Malta (50%) topped the list of most compliant websites.
UK government research from earlier this year claimed that just 38% of businesses had even heard of the new regulation.
Fines of up to £17m, or 4% of global annual turnover, could realistically be levied by regulators for serious infractions, although the information commissioner has said that such fines won’t be the norm, and it won’t be looking to punish early on.
Source: Information Security Magazine