What the Evidence Shows About the Impact of the GDPR After One Year

One year later, there is mounting evidence that the law has not produced its intended outcomes; moreover, the unintended consequences are severe and widespread.

The General Data Protection Regulation (GDPR), the new privacy law for the European Union (EU), went into effect on May 25, 2018. One year later, there is mounting evidence that the law has not produced its intended outcomes; moreover, the unintended consequences are severe and widespread. This article documents the challenges associated with the GDPR, including the various ways in which the law has impacted businesses, digital innovation, the labor market, and consumers. 

Specifically, the evidence shows that the GDPR:

  1. Negatively affects the EU economy and businesses
  2. Drains company resources
  3. Hurts European tech startups
  4. Reduces competition in digital advertising
  5. Is too complicated for businesses to implement
  6. Fails to increase trust among users
  7. Negatively impacts users’ online access
  8. Is too complicated for consumers to understand
  9. Is not consistently implemented across member states
  10. Strains resources of regulators
What the Evidence Shows About the Impact of the GDPR After One Year