Skip to content
  • «
  • 1
  • »

The search returned 1 results.

Data Protection Authorities and their Awareness-raising Duties under the GDPR: The Case for Engaging Umbrella Organisations to Disseminate Guidance for Small and Medium-size Enterprises journal article open-access

Leanne Cochrane, Lina Jasmontaite-Zaniewicz, David Barnard-Wills

European Data Protection Law Review, Volume 6 (2020), Issue 3, Page 352 - 364

In this paper we explore EU data protection authorities’ (DPAs) role as leaders and educators, particularly in relation to awareness-raising efforts with Small and Medium-sized Enterprises (SMEs). The GDPR made awareness raising duties of DPAs explicit whilst SMEs face challenges complying with data protection law. We posit that DPAS should make better strategic use of collaboration with SME Associations as intermediaries to better access and understand the needs of SMEs. This collaboration could facilitate dissemination of guidance and information addressed to SMEs. It could also help to overcome concerns expressed by SME representatives about the existing guidance provided by DPAs as being overly generic, focused on legal theory, and in some states arriving too late for implementation. We suggest that by working together SME Associations and DPAs could increase their own working efficiency as well as the one of SMEs. We build our arguments on the findings of an online survey of 52-60 SMEs representatives and semi-structured qualitative interviews with 18 DPAs, 22 SME Association representatives and 11 SME representatives. Keywords: Awareness Raising, Compliance, Data Protection Authorities, Deterrence, Enforcement Strategies, General Data Protection Regulation

  • «
  • 1
  • »