SMEs seek clear, specific and practical GDPR guidance
Dr David Barnard-Wills of Trilateral Research discusses the GDPR challenges faced by Small and Medium Enterprises, and their support from Data Protection Authorities.
Small and Medium Enterprises (SMEs) are explicitly mentioned in the GDPR. Recital 13 indicates that one motivation for the Regulation was to provide “legal certainty and transparency for economic operators, including micro, small and medium sized enterprise”. Recital 132 states that “Awareness-raising activities by supervisory authorities addressed to the public should include specific measures directed at controllers and processors, including micro, small and medium-sized enterprises”. However, commentators have expressed concern about the level of GDPR knowledge and awareness amongst European SMEs.(1) Furthermore, the European Commission had observed the vulnerability of SMEs regarding the GDPR. It stated in its press release, that there is a particular need to “step up awareness and accompanying compliance efforts for SMEs”(2).