Two thirds of German companies believe that data protection makes digitization more difficult. And half believe that the country is overdoing it with data protection. This is the result of a representative study by the IT industry association Bitkom.
Effort remains high
As a reason for this, 42 percent complain that the GDPR, which came into force in 2018, increased their effort. Only 6 percent state that this has subsided, while 19 percent expect a slow improvement. However, 32 percent fear that there will be more work on data protection in the future.
At 65 percent, the majority of local companies have already largely or completely implemented the GDPR. 29 percent of those surveyed are still doing it and 5 percent are just starting out. The latter particularly include smaller companies with fewer than 100 employees.
82 percent blame the corona pandemic for the delay. However, 77 percent believe that the GDPR cannot be fully implemented. 61 percent fail because of specialists, while 47 percent struggle with continuous adjustments due to new judgments and recommendations from the supervisory authority.
Concrete effects on projects
When looking into the future, 76 percent argue that the specific requirements of the GDPR have already caused innovation projects to fail. At the same time, 86 percent of those questioned canceled projects due to ambiguities in data protection. Data collections are the most frequently mentioned hurdle at 57 percent.
At the same time, legal uncertainty grew, because while two years ago 68 percent named this as the greatest challenge, it is now 78 percent. The same development can be observed with the changes and adjustments, they are now complaining 74 instead of 59 percent. A difficult technical implementation and a lack of staff around a third, as in 2019. Bitkom attributes this to the fact that companies have a direct influence on this.
Help is not always helpful
Not all companies have had good experiences with data protection supervision. 24 percent have already asked her for help, but have not received an answer. Another 28 percent received one, but it didn’t help. On the other hand, 29 percent received assistance; the respondents in particular were helped by guidelines. However, 41 percent said that they were not satisfied with the help and another 25 were not at all satisfied.
Do you already know the free one iX-Newsletter? Register now and do not miss anything on the monthly publication date: heise.de/s/NY1E The next issue will be about the title topic of the OctoberiX: Professions, Careers and Salaries for IT Professionals.
In view of the elimination of the Privacy Shield and the so-called Schrems II ruling, the cloud practice in Germany is spicy: every second company exchanges data with external service providers outside the EU. These are mostly located in the USA, followed by the UK. 62 percent believe that they would no longer be able to offer certain products and services outside the EU without the processing of personal data.
Demands on politics
The companies surveyed have clear expectations of the next federal government. 89 percent want to see the GDPR adapted, 68 percent advocate more harmonized data protection requirements across Europe. 60 percent demand that the state data protection authorities should be abolished. About half of the companies want a hard line with the USA when it comes to international data transfer.
All details about the study can be found at Bitkom. 502 companies with 20 or more employees in Germany took part in the survey.