Mozilla Official Predicts Stricter GDPR Enforcement in 2019

A senior official at Mozilla has predicted that 2019 will see much stricter enforcement of GDPR across Europe.

The Senior Policy Manager and European Union Principal for Mozilla, Raegan MacDonald, has said that she believes that 2019 will see enhanced resources dedicated to the enforcement of the European Union’s General Data Protection Regulation (GDPR). Mozilla is a computer software organisation well known for its stance on the protection of an “open internet”, and concerns about data security online.

GDPR came into effect on May 25th 2018, and has since had wide-reaching implications for many companies both within and outside the EU. GDPR compliance is a requirement for any company that collects, maintains, and uses the personal data of EU citizens. It was designed to introduce a number of principles that aim to minimize the risk of data theft and ensure adequate protections are put in place to protect the integrity of confidential information. GDPR also aims to give more rights to the person to whom the data concerns.

In the seven months since its introduction, no fines have been levied against organisations who have found to be in breach of GDPR. This is a fact that Ms MacDonald expects to change in 2019. Speaking to TNW she stated: “We haven’t seen the big fines levied just yet. But I suspect that if 2018 is the year of implementation, 2019 will be the year of enforcement.”

MacDonald added that she also expects that it will be confirmed the full impact of GDPR has not yet been “truly experienced”. She expects that most companies are simply doing the minimum to give an illusion of compliance, or making efforts to comply, with the new legislation, but it will be revealed that they are in fact in breach of GDPR’s strict rules.

“While it is early, I haven’t yet seen that impact, although some progress is being made. Many companies have updated their privacy policies and created tools to give users more control, such as ways to request that their data be deleted. Many companies appear to be interpreting GDPR as narrowly as possible. I’m concerned that privacy is still by default put at risk without users understanding or having meaningful control,” Ms MacDonald said.

She believes that the ‘superficial’ approach to compliance and data protection will change as as the local data protection enforcement agencies in each EU Member State grow increasingly familiar with the legislation and how it is to be applied.

She stated: “Starting in 2019, I expect this ‘grace period’ to end, where companies will either shape up or face serious fines by regulators. Laws are only as strong as their enforcement, and we are encouraged by the fact that many data protection authorities are starting to closely scrutinize the underwhelming implementation measures taken by some companies (and the thousands of complaints filed).”

MacDonald went on to say that Mozilla would like to see greater authority be apportioned to users in relation to management of their private data, saying “Mozilla strongly believes that users should be given meaningful control, not just tools buried in privacy notices or deep within settings menus. And ultimately, we need strong enforcement in Europe against those companies that aren’t genuinely delivering on the principles in the GDPR.”