Ensuring the right to be forgotten was the most difficult obligation for companies having to comply with the General Data Protection Regulation (GDPR) in 2019. Privacy experts from companies based in the EU and United States also considered data portability quite difficult, ranking this obligation with a mean score of 4.6 and 4.9 out of 10 respectively.
Average difficulty score of GDPR obligations among EU and U.S. firms in 2019
Characteristic
EU
United States
Right to be forgotten
5
5.4
Data portability
4.6
4.9
Conducting data protectection impact assessments
4.6
4.9
Gathering explicit consent
4.2
4.9
Fulfilling subject access requests
3.9
4.7
Cross border data transfer
3.9
4
Understanding regulatory oversight
3.8
4.2
Breach notification requirements
3.7
4.5
Restrictions on profiling
3.7
3.3
Determining your lawful basis for processing
3.1
3.2
Understanding jurisdictional scope
2.8
3.1
Appointing a legal representative pursuant to Article 27
This question was phrased by the source as follows:"Rate the following legal obligations of the GDPR in terms of how difficult they are for your company to comply." Score on a 0-10 scale: 0=Not At All Difficult; 10=Extremely Difficult.
*Privacy experts answering the survey worked in companies with headquarters located as follows: U.S.:39%; EU (UK excluded):33%; UK:13%; Canada: 6%; other; 5%; non-Europe:3%;Australia/New Zealand: 1 %.
Profit from the additional features of your individual account
Currently, you are using a shared account. To use individual functions (e.g., mark statistics as favourites, set
statistic alerts) please log in with your personal account.
If you are an admin, please authenticate by logging in again.
Learn more about how Statista can support your business.
IAPP. (October 1, 2019). Average difficulty score of GDPR obligations among EU and U.S. firms in 2019 [Graph]. In Statista. Retrieved December 22, 2024, from https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/
IAPP. "Average difficulty score of GDPR obligations among EU and U.S. firms in 2019." Chart. October 1, 2019. Statista. Accessed December 22, 2024. https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/
IAPP. (2019). Average difficulty score of GDPR obligations among EU and U.S. firms in 2019. Statista. Statista Inc.. Accessed: December 22, 2024. https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/
IAPP. "Average Difficulty Score of Gdpr Obligations among Eu and U.S. Firms in 2019." Statista, Statista Inc., 1 Oct 2019, https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/
IAPP, Average difficulty score of GDPR obligations among EU and U.S. firms in 2019 Statista, https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/ (last visited December 22, 2024)
Average difficulty score of GDPR obligations among EU and U.S. firms in 2019 [Graph], IAPP, October 1, 2019. [Online]. Available: https://www.statista.com/statistics/1172927/gdpr-obligation-difficulty-among-eu-and-us-firms/