Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Champion

According to Forrester 80% of firms will not fully comply with GDPR.

In Forrester Predictions 2018 A year of reckoning, we find prediction 8 entitled "The GDPR challenge"


GDPR challenges how companies balance risk and cost. Full compliance with all aspects of GDPR, including the ePrivacy Directive, is a high and expensive bar to clear. Non- or partial compliance could create extraordinary costs and damage to the brand.
Companies are weighing what it means to fully or partially comply.
We predict that 80% of firms affected by GDPR will not comply with the regulation by May 2018. Of those noncompliant firms, 50% will intentionally not comply — meaning they have weighed the cost and risk and are taking a path that presents the best position for their firms. The other 50% are trying to comply but will fail.
This will be a fluid environment; any successful case against a well-known giant will change the risk/cost balance.
The sleeper issue of 2018 will not be compliance but how consumer advocate groups use GDPR to prosecute their agendas by using the regulation’s “right to be forgotten” clause — exhausting companies’ resources and damaging their brands.


Do you agree with this view?

Tags (1)
2 Replies
Newcomer III

Rather than just looking at risk and cost, we should be looking ahead where the regulation will take us to the next decade(s). I believe all of us will be a consumer some point in time. These requirements will assist us to define rules that will help building trust between organisations and their consumers. Risks and costs will only affect those who aim to adopt practices below expectations or ignore the rule book. For those practice above and beyond, not only consumers will flock in masses to them due to these newfound trust, their balance sheet and reputation will also be the role model for industries and markets.

Newcomer I

Are the remaining 20% not processing any personal data?


Being "fully compliant" does not mean much, especially since we don't have all the keys to ensure compliance.