Two-thirds of UK IT leaders think GDPR has harmed consumer trust

Five years on from the introduction of the EU's General Data Protection Regulation (GDPR), 66 percent of UK IT leaders polled in a new survey from Macro4 say the regulation has made customers less willing to trust businesses with their personal information.

On its introduction the landmark legislation was hailed as raising awareness of the need to protect personal information. Indeed a year after its introduction 36 percent of adults said it made them trust organizations more with their data.

Jim Allum, director, commercial and technical at Macro 4, says, "Most IT leaders seem to feel that the regulations have made people more suspicious about how their data is being used. This is possibly because people are better informed now about how their data could be compromised or misused. Media headlines about major data privacy breaches and huge GDPR non-compliance fines leveled at well-known brands will have reinforced the overall lack of trust. All this means that organizations need to work harder than ever to demonstrate that they’re managing data within the rules."

The survey, carried out by Vanson Bourne, shows 44 percent of IT leaders believe the additional red tape created by the GDPR has hampered digital transformation for many enterprises and nearly one in five (18 percent) is not confident that their organization is fully compliant.

In addition 62 percent feel that processing data subject access requests and other GDPR queries takes up significant time and resources, and 72 percent admit the switch to hybrid working has forced them to invest more resources in GDPR compliance.

But despite these reservations, 85 percent of survey participants think it would be easier for UK businesses to stick with the GDPR rather than replacing it with the government's proposed new Data Protection and Digital Information Bill (DPDIB). However, 86 percent believe the GDPR risks becoming irrelevant if it fails to keep pace with new AI technologies such as ChatGPT.

"There’s still a lot of complexity around compliance and also unanswered questions about what will happen in practical terms if the new bill comes into force," adds Allum. "Businesses that operate in both the UK and EU may fear that they'll end up having to comply with two separate sets of compliance standards. They could be thinking, 'It's better the devil you know'."

Image credit: Nikola Stanisic / Shutterstock