In the past few weeks, European supervisory authorities have shed light on their initial enforcement priorities for the EU General Data Protection Regulation. France's data protection authority, the CNIL, publicly acknowledged the difficulty of complete GDPR compliance, stating that companies not yet fully compliant “can expect to be treated leniently initially provided that they have acted in good faith.” The Dutch AP has similarly stated that “fines will only be imposed at the beginning if it is obvious something is very wrong” in response to the fears of local municipalities. But, what do “acting in good faith” and “very wrong” mean? Take a look at our handy infographic to see if you’re likely to come into the crosshairs of European regulators.
If you want to comment on this post, you need to login.