You’re probably sick of hearing about GDPR – to be honest, so are we! But what does interest us is the reputational risks to a company, firm, or organisation if any should fall foul of the new, rather strident, regulations.
The only way for the media to justify yet another GDPR-related story in the aftermath of its implementation is to expose the first investigation for failure to comply – and you can be sure law firm PRs are equally awaiting this opportunity to educate. What’s worse is if it’s your company that has ignored individuals’ preferences on a mass scale, you may find your workplace the subject of unwelcome litigation, as customers bunch together to engage class action lawyers to hold your company to account. Any resultant media attention will be uncomfortable as it will affect your company’s standing among its stakeholders. The likes of TSB, Uber, Talk Talk, Equifax and Wonga know to their cost the reputational damage that can follow from data-related problems. However, companies can take a modicum of solace from the fact that the Independent Commissioner’s Office (ICO) has said in the first year they would take an advisory position for first time non-compliance and not look to immediately impose large financial penalties.
Time will tell whether the general public is sufficiently aware of its new rights, or indeed whether lax custody of its personal data matters sufficiently to lodge an effective complaint, let alone file a lawsuit. Regardless, the regulatory environment is such that reputational risks still remain.
23 May 2018