Just hours after the UK Government pledged to go its own way on data protection to boost the post-Brexit economy, one of GDPR’s biggest advocates has called for a major overhaul of the regulation, insisting it is already out of date.
Seven long years in the making, GDPR eventually came into force in May 2018, following a two-year grace period and was hailed by Brussels at the time as a “major step forward”.
However, three years down the line and German MEP Axel Voss believes it is now out of date.
Voss told the Financial Times that the regulation requires “surgery” to, among other things, take into account the shift to the new working from home environment, arguing that the legislation is a compliance “minefield” for organisations that have a remote workforce.
He added: “If you have a home office situation and you’re dealing with personal data, you are left alone with numerous legal obligations that are difficult to understand. What are the requirements for dealing with data protection in a private home?”
“We have to be aware that GDPR is not made for blockchain, facial or voice recognition, text and data mining [or] artificial intelligence.”
And echoing UK Culture Secretary Oliver Dowden’s remarks about the data economy, Voss said: “The digital world is about innovation. We cannot stick with principles established in the 80s that do not reflect the new situation we are living in.”
Voss is not the first senior politician to voice concerns over the legislation, however. Days after it was implemented into UK law via the Data Protection Act 2018, senior Labour MP Darren Jones insisted it did nothing to tackle the issue of companies exploiting personal data, the use and regulation of algorithms, and the global co-operation needed to ensure a high standard of compliance in the face of global technology companies.
Jones, a member of the EU Scrutiny and Science & Technology Select Committees and a former member of the Public Bill Committee for the Data Protection Bill, believed the legislation entirely would be inadequate in regulating the digital world.
More recently the European Commission has been urged to force member states to increase investment in GDPR enforcement – and even refer them to the European Court of Justice if necessary – or risk the regulation being seen as dead in the water.
Meanwhile, the Irish Data protection Commission – the lead regulator for nearly all US tech giants – has long been criticised for its slow progress in bringing the companies to book, inaction which many claim is undermining GDPR.
New ICO to ‘boldly’ lead UK into global data economy
GDPR two years on: EU chiefs finally admit funding issue
Now Germans call for GDPR shake-up to avoid ‘collapse’
Brussels urged to act on GDPR failings or risk demise
GDPR one year on: Data is now a major boardroom issue
GDPR zero hour: Now the hard work begins say experts
MPs ‘as clear as mud’ about how to comply with GDPR
‘Inadequate’ Data Protection Bill is ‘already out of date’
New laws threaten online ‘havoc’