Another tax on business is just about to go live in the form of GDPR. The problem is that GDPR will significantly increase costs for small business and won’t ever lead to single prosecution. It’s more fantasy regulation from people who have never been in business.
You may have already heard about GDPR (General Data Protection Regulation). Ironically, like 95% of the people we surveyed, you will almost certainly have received spam emails about it. Spam emails sent by everyone from motor breakdown providers to mobile phone operators. All these innocently contacting you to tell let you know that even though you haven’t used them for 6 years, this is how they are going to handle your data. More importantly, they include their special offers to get you back. Here we have it, GDPR, License to spam. Rules already being abused and bent.
GDPR is supposed to tighten the rules regarding the way organisations handle your data. This aim is something that we totally agree, there are ways to do it but this can’t in practice be done with regulation. There are several reasons for this.
1) Those that need regulating (The spammers, cold callers etc) will just move their data handling division offshore. The small businesses that wouldn't have a clue how to mishandle your data if they tried, are the ones that didn’t need regulating in the first place. Those groups who do all the cold calling and sending of spam emails aren’t in the UK or even in the EU. No Indian call centre is going to come under GDPR. We see this in finance all the time. It’s why, despite over 4000 warnings on the FCA’s website. Not one single site has ever been prosecuted by them. This was revealed to us in a freedom of information request last year.
2) Proving where data leaked from is almost impossible.
3) Using third-party proxy companies to shift the blame is so easy, it can by setting up a new company for £20. They could also bung a down on his luck chappie at the local off-license a couple of quid for Special Brew to act as a director and take the fall when it goes wrong. Good luck to the GDPR Police trying to fine him a load of cash. Of course, we are being flippant but our point is there.
4) Most people are too busy running their small businesses to ever spend time reading about changes to things they have no idea about. Most just use common sense methods when it comes to data handling procedures. GDPR won’t be ignored maliciously but will be ignored by people all over Europe.
5) The Government fines companies using terror legislation for encrypting customer data and then after a leak, it fines them because they didn’t encrypt it. It’s almost comical.
We’ve already seen that clever lawyers will quick bypass safeguards. The EU regulators will be no match for the likes of Facebook or Apple’s legal teams. Nor will they be given the budget, they never are.
In the end, GDPR will go the way of the EU Cookie Directive that sometimes appears on websites. That was some ruling that everyone ignored, something about an alert on every homepage of websites that told people how their cookies would be handled. We don't recall anyone ever being prosecuted for not displaying it. This site has never complied and never would.
More red tape, more regulation, more costs for business who ultimately pass it on to their customers. It all means bigger fees for business parasites who feed off honest hard working business owners. This time the parasites take the form of consultants and compliance agents who will – for a ransom fee, guide your business through the minefield of legislation that is on its way. Legislation that they and their friends helped set up. In finance, individuals are regulators one minute and suddenly become directors of compliance companies the next. Business parasites that have never created anything and live off the hard work of others.
Anyway, if you run a business, just forget about GDPR, don't pass the costs on to your customers because your competitors won't. Eventually, it will go away just like all the other silly rules – ignore it, we are!