This week marks six months since GDPR was implemented, and by taking a pulse on how effective the EU's sweeping regulation has been, you can see how it has changed the way social marketers there think about security and compliance.
It's tough for American communicators to tell just what all of this means to us, though, at least until we start to see some consequences from GDPR enforcement. Sanctions are the next step, and are expected by the end of the year, according to European Data Protection Supervisor Giovanni Buttarelli.
"Not necessarily fines but also decisions to admonish the controllers, to impose a preliminary ban, a temporary ban or to give them an ultimatum," Buttarelli told Reuters.
"The fine is relevant for the company and important for the public opinion, for consumer trust," he continued. "But from an administrative viewpoint, this is just one element of the global enforcement."
With the implementation of GDPR, global social platforms like Facebook and Twitter instituted new privacy policies internationally, and not just in European markets. Sanctions against global brands could lead to another push for regulations that Congress hasn't been able to enact quite yet, despite the efforts of lawmakers including Senator Mark Warner.
One global brand that might be under fire when these sanctions come in: Ticketmaster. "The UK's own data protection agency, the Information Commissioner's Office (ICO), is believed to have a number of ongoing investigations that have yet to materialise a sanction, including Ticketmaster, which suffered a breach on its systems in late June," writes ITPRO. "It also recently revealed that it was receiving over 500 calls per week, many of which were data incidents that failed to meet the reporting threshold."
Domestic communicators for U.S. business should take note—GDPR sanctions are coming, and the brands that are found to be noncompliant will have a much tougher time cleaning up a mess once that mess is made public.
Follow Justin: @Joffaloff