GDPR compliance low across European websites
9 April 2018 | 0
Websites across Europe show a high level of variance in compliance with the upcoming General Data Protection Regulation (GDPR), according to research by vpnMentor.
The highest levels of compliance were for web sites in Germany (67%), Austria (59%) and Italy (51%). Ireland came in tenth at 38%, with the UK on 31%.
“We collected up to 100 websites in each country that use MailChimp,” said vpnMentor. “In some cases, we couldn’t find 100 and used what we could, and the results were pretty surprising.”
The report also looked at compliance with the EU Cookie Law, and found that there was “no correlation between the sites that use the cookie-pops and the sites that are GDPR compliant”. Germany was at the bottom of the cookie-pop ups test with just 16% of websites employing this privacy feature.
“Our hypothesis was that there would be some kind of correlation in the data between these two studies,” said vpnMentor. “Had Web owners [sic] just used a third party code and inserted it into their website, we’d understand that both GDPR and cookie-pops would be similar.”
For some sites, the report argued, there may be a good reason for not having the cookie-pops enabled on their site, such as not employing cookies. Interestingly, in Slovenia, which had the highest percentage of cookie-pops enabled (64%), only 40% of the sites were GDPR compliant, meaning that at least 60% of the Slovenian sites may be in violation of the new regulation.
While privacy policies may not be the greatest indicator of overall GDPR compliance, it is nonetheless another indicator of compliance efforts across the region.
In January, the European Commission said that only Germany and Austria had passed all necessary legislation required to bring national laws into line with the regulations.