One in four companies in the United States and Europe will not be able to comply with GDPR by the end of this year, according to a study by French technology service provider Capgemini.
Many companies are ignoring the business opportunities stemming from the law and are instead focusing on compliance, said the Paris-based professional services giant, claiming to have interviewed 1,000 executives and 6,000 consumers across 8 markets for the report.
“Executives now have a great chance to use GDPR to create a customer-first privacy strategy. That business opportunity is significant,” said Willem de Paepe, Global GDPR leader at Capgemini.
The new EU data protection law, which positions data privacy as a human right, has increased consumer faith in service providers. Knowing exactly what data is held allows firms to use analytics more effectively and improve operations.
“Firms will also know which files they must delete, freeing up valuable storage space and reducing some of the US$3.3 trillion it will cost to manage data globally by 2020,” Paepe added.
Those who have already invested in compliance and data transparency will soon begin reaping the rewards, says Capgemini. That’s because 39% of consumers have increased spending by as much as 24%.
Those who fail to comply will pay a heavy price, because around 57% of European respondents in the Capgemini survey have stated they will take action against an organization if they know a firm is failing to adequately protect their personal data. Of these, more than 70% will take actions such as reducing their spending (71%), stopping doing business with them (71%) or sharing negative experiences with family and friends (73%).
This lack of preparation to comply with the law was in fact expected. In an interview with Nearshore Americas, Orson Lucas, Managing Director of Cyber Security Services, and Co-leader for GDPR services in the US at KPMG, told in advance that he did not think most organizations were fully prepared.