It’s been a little over three months since the EU’s General Data Protection Regulation (GDPR) came into effect, but complaints about potential data breaches have already more than doubled from a year before, according to a new report.
Figures from law firm EMW show that there were 6,281 complaints to the Information Commissioner’s Office (ICO) from the start of GDPR (May 25) to July 03, marking a 160% surge from 2,417 complaints during the same period in 2017.
In particular, the firm said more individuals are making complaints – with some doing so repeatedly. They are considered most likely to make complaints when their person or financial information is allegedly put at risk.
“A huge increase in complaints is very worrying for many businesses, considering the scale of the fines that can now be imposed. There are some disgruntled consumers prepared to use the full extent of GDPR that will create a significant workload for businesses,” said James Geary, principal in EMW’s commercial contracts team.
The financial services sector received over 10% of all complaints (660), with businesses in the education and health sectors receiving a combined 1,112 complaints.
According to Geary, the firm has seen many businesses struggle with GDPR, as the implementation may have taken some by surprise.
“For example, emails represent one of the biggest challenges for GDPR compliance as failing to respond promptly to subject access requests or right to be forgotten requests could result in a fine. The more data a business has, the harder it is to respond quickly and in the correct compliant manner,” he added.