Almost one year since the implementation of the
EU’s new sweeping data privacy law, lawyers across
the continent feel that the story has only just begun.
The now-infamous General Data Protection Regulation (GDPR)
was revolutionary on many levels. This new, unprecedented
legislation meant enhanced consent was needed from the
consumer, and that banks and corporates faced significant
technical changes impacting data management and storage,
marketing and communication strategies, and more.
In terms of how banks and companies have adapted, it appears
to be, as yet, an unfinished story. As Cleary
Gottlieb’s Natalie Farmer put it: "May 25 2018
came and went, but client work on GDPR is certainly ongoing.
We’re now working with clients to build GDPR
compliance into global data protection strategies".
This is echoed by in-house sources. A senior data privacy
officer at a German bank said that while the core change
initiative is over...