Inside the Personal Data Economy Part Three: The Pros and Cons of the GDPR

The European Union’s implementation of the General Data Protection Regulation (GDPR), and the state of California’s plans to follow in its footsteps, (see my previous post) have caused an uproar of both praise and criticism across the globe. While some of us are giving a round of applause to the European Union, others of us are throwing an endless supply of rotten tomatoes at the courthouse.

So, what’s the fuss about anyways? Here at GXG, we like to make lists of pros and cons to help us sort through complex topics like this one. Here’s what we came up with:

Pros of the GDPR:


The GDPR gives consumers complete control over their data by extending 8 personal rights to all individuals (previous post). These rights give consumers the authority to withhold, withdraw, or alter their consent to use of their personal data at any time.


The GDPR ensures that greater measures are taken to keep our personal data secure. From our browsing history, to our current location, and all the way to our social security number, there’s a whole lot of personal data that we’d prefer to keep private. However, data breaches happen. In fact, Forbes reports that there have been more than 300 data breaches have occurred in the past ten years. Breaches leave consumers vulnerable to crimes such as identity theft, monetary loss, and stalking.

The GDPR’s 72 hour rule  requires that in the event of a data breach, a company carry out an investigation, report the breach to a supervisor, develop a containment plan, and alert any consumer who may be affected or harmed by the breach – all within 72 hours. The GDPR thus forces companies to develop strong security measures and requires that consumers be informed when their data was exposed.


As a result of the GDPR, companies who operate in or interact with the European Union are held accountable for their use of consumer data. If companies fail to comply with GDPR guidelines, they can be fined 20 million dollars or 4% of their yearly global earnings – whichever is higher. The threat of punishment alone will ensure that personal data is stored safely and processed responsibly.

Cons of the GDPR:


The GDPR has the potential to slow the remarkable innovation of the digital era. It is often said that we are in the midst of the fourth industrial revolution – and data is the new oil. Accessible data has fueled the most fast-paced era of digital innovation we have ever seen. In this era of constant growth, we are privy to remarkable medical advancements, competitive AI technologies, user-friendly apps and websites, and a plethora of other developments. Restricting the use of personal data may not only hinder the progress we’ve made, but also stall future developments.


Compliance with the GDPR can serve as a huge cost for companies. In order to re-orient data procedures, most companies will have to hire one or more data protection officer. In addition, if a company fails to comply with the GDPR, they will be faced with massive fines and punishments. These costs could prove detrimental to businesses across the globe.


In her powerful article Why We Should Stop Fetishizing Privacy, Heidi Messer stated that “[tech companies] have become both hugely profitable and vital to the global economy.” Messer continues to note that jobs in the tech industry are expected to increase by 12 percent by 2026. This industry is largely fueled by the field of big data. To restrict access to data could be extremely harmful to the job market.

At GXG, we are constantly grappling with what these regulations mean for us, individually as consumers, and collectively as a business. We are also regularly connecting our clients with experts who can help them implement new data protection initiatives. Preparing for these upcoming regulations can be taxing – and no one should go through it without a little extra help.

While the personal information economy and data protection regulations are far too nuanced to be briefly summarized, we hope to have provided you with a foundation of knowledge about these topics through our personal data series!

We’d love to hear your opinions and conclusions on these topics. Reach out at info@gxg.co 

Read Part 1 here 

Read Part 2 here

Every month we collect the latest insights from our research and client work to share.