“While the GDPR has sparked progress in advancing privacy protections and awareness globally, it has proven after more than three years to be much better in theory than in practice,” says John Wiltshire, president and CEO, CMA. “There are growing concerns that the law’s pitfalls are stifling innovation, overwhelming regulators and creating complexity for consumers. Canada has the opportunity to learn from the EU experience, and to once again be a global leader with legislation that protects consumer privacy while preserving the enormous social and economic value of data to Canadians.”
Among the GDPR’s pitfalls that the research identifies:
- ·Staggering regulatory burden: Governments in the EU are struggling to afford the costs and to deal with the regulatory complexity of their privacy law. Approximately two-thirds (21) of European countries surveyed by the European Data Protection Board stated that regulators across Europe do not have enough human, financial and technical resources to effectively regulate the full set of requirements of the GDPR.
- Stifled innovation and growth: Organizations in the EU have diverted significant resources to understanding and interpreting the law’s prescriptive provisions – at the expense of more meaningful privacy protection and innovation-generating activities, including plans to create innovative new products (23 per cent) or to fuel growth through international expansion (22 per cent). Faced with the burden of compliance, some organizations outside of the EU have localized data flows or stopped servicing the European market entirely, further impacting economic growth, trade and investment.
- Disproportionate impact on SMEs: Small and medium-sized enterprises (SMEs) have been the hardest hit, experiencing challenges in interpreting and understanding the GDPR’s complexity at a time when consumer data is critical to their ability to compete and contribute to local economic growth.
- Complexity for consumers: Consumers in the EU are suffering from increased “consent fatigue,” causing them to be less likely to carefully review notices and make informed decisions. They are also facing a slow and overly complex complaint resolution process as it relates to cross-border cases.
“The goals of protecting consumer privacy and fostering data innovation are not mutually exclusive,” says Wiltshire. “The GDPR’s pitfalls show us that rigidity and complexity create extensive hurdles for businesses, governments and consumers alike, and Canada needs to take a more proportionate and less burdensome approach.”
This Government of Canada is expected to introduce new legislation to update Canada’s private sector privacy law this spring. The new legislation would replace the Personal Information Protection and Electronic Documents Act (PIPEDA), which served as the global gold standard for privacy protection for more than a decade but now needs to be updated.
Privacy Law Pitfalls: Lessons Learned from the European Union is available for download here.
About the Canadian Marketing Association
The CMA’s purpose is to embolden Canadian marketers to make a powerful impact on business in Canada. We provide opportunities for our members from coast to coast to develop professionally, to contribute to marketing thought leadership, to build strong networks, and to strengthen the regulatory climate for business success. Our Chartered Marketer (CM) designation signifies that recipients are highly qualified and up to date with best practices, as reflected in the Canadian Marketing Code of Ethics and Standards. We represent virtually all of Canada’s major business sectors, and all marketing disciplines, channels and technologies. Our Consumer Centre helps Canadians better understand their rights and obligations.
SOURCE Canadian Marketing Association
For further information: or to schedule an interview: Emily Abrahams, CMA,([email protected] │416-949-1650)