How GDPR has impacted privacy policies [infographic]
Earlier this year the European Union enacted the General Data Protection Regulation, also known as GDPR. The privacy regulation brought about big changes that stretched far beyond the European Union (EU).
Below, learn what GDPR is, what it means for marketers, and how it’s already having an affect on some of the biggest names in technology.
What is GDPR?
GDPR is a privacy law with the aim of increasing transparency around the way companies collect and use the personal data of users.
The implementation of GDPR affected both marketers and their organizations. For starters, noncompliance to the new regulation can result in a fine of up to 4 percent of annual global revenue, or €20 million—whichever is greater.
The privacy regulation also made major changes to the way data protection is handled within the European Union. Some changes include mandatory breach notifications, regulations around consent for the processing of personal data, and the mandatory appointment of a data protection officer.
What Does GDPR Mean for Marketers?
The privacy regulation will mean that marketers must change the way they collect, process, and store the personal data of citizens within the European Union. Especially important to note is that while the regulation only affects EU citizens, it affects companies and organizations outside of the European Union. This is because the regulation applies to all companies that deal with citizens that reside in the EU. So, if you’re collecting information from users in London, GDPR applies to you, even if your physical location is New York.
As such, some of the top organizations in tech have had to update their privacy policies to reflect GDPR changes, even though companies are not located within the European Union. Below, see how GDPR has affected their policies.
How Did GDPR Affect Privacy Policies?
To help you better understand how the implementation of the privacy regulation affected privacy policies, Varonis took a look at how privacy policies have changed since GDPR. Specifically, we looked at how the implementation of privacy policies affected some major players in the tech industry in the following ways:
Typically, to be read and understood by the general public, a piece of content should be around a reading level of 8.
So, just how did GDPR affect the privacy policies of major tech companies?
Surprisingly, considering that the regulation was meant to increase transparency and understanding around the way data is used, our research found that the majority of privacy policies increased in most of the metrics mentioned above.
In fact, the average word count increase came in just under 26 percent, and the average change in reading level clocked in just under 4 percent. Some companies, like Wikipedia and eBay, increased their metrics dramatically. Check out our quick synopsis below, or look at our full infographic at the end of the post for a visual comparison.
time—by a total of 10 minutes! The reading level remained unchanged at 12.
population, and the highest reading level of the policies on the list. Additionally, the word count and reading time increased.
count, reading time, and reading grade level.
Overall, eBay was the worst offender following GDPR, with the highest word count, reading time, and reading level. Wikipedia’s word count increase clocked in at the highest percentage increase across the board, at almost 95 percent
Yahoo made the most significant improvement after GDPR, as the company with the lowest word count and reading time.
Certain types of marketing that were frowned upon but mostly ignored before, such as buying email lists, will largely be halted as companies become GDPR compliant. While the privacy regulation may be a shock to marketers at first, the end result will be better marketing tactics.
Additionally, the privacy regulation will raise the standards of marketers, and give users the privacy protection they both want and deserve.
Check out this infographic below by Varonis to learn more about how the word count, reading time and reading grade level and privacy policies of the most trafficked sites were before and after GDPR.
This infographic was created by Varonis.