GDPR 4 Years On!

It's been 4 years since GDPR was first introduced, and the legal sector has seen a lot of change in that time. Back then I delivered over 30+ GDPR talks with law firms across the UK, helping them understand what they need to do and what they don't need to do.

The initial questions I received were 'how can we market our services?' and 'I was told to delete my database, is this right?' The worst was the fines everyone thought they would receive..€20 million (roughly $20,372,000), or 4% of worldwide turnover for the preceding financial year – whichever is higher. Any law firm seeing those figures is going to have a little bit of a panic attack.

Most of the time there was a lot of scaremongering, this didn't help the cause, especially for the smaller law firms who turned their Practice/Marketing Managers into DPO (Data Protection Officers) purely on the basis that they dealt with the client newsletters.

For law firms, it was a huge shift in how they collected personal information on clients and prospective clients. Many put the brakes on their marketing, unsure of how to move forward with this new regulation. But now, 4 years later, things have settled down and most firms have found ways to work within the GDPR framework. In this blog post, we'll take a look at how the legal sector has evolved over the last 4 years and what effects GDPR has had on it.

One of the biggest changes GDPR has brought about is in the way law firms collect and use data. Before GDPR, many firms collected as much data as possible on their clients and prospects, without really knowing what they would do with it. This often led to information being stored insecurely, or simply not being used at all. GDPR has forced firms to be more strategic in their data collection, only gathering information that they know they will use and making sure it is stored securely. As a result, we've seen a decrease in the amount of data being collected by law firms, but an increase in its quality and usefulness.

Another area where GDPR has had an effect is in how law firms communicate with their clients. Before GDPR, firms could send marketing materials to anyone they thought might be interested, regardless of whether they had given their permission. This often led to people being bombarded with unwanted emails and calls from lawyers. GDPR has put a stop to this, requiring firms to obtain explicit consent before sending any marketing communications. This has made the process of marketing much more time-consuming for law firms, but it has also resulted in higher quality leads and fewer complaints from clients.

Overall, GDPR has been a positive force for change in the legal sector. It has made firms more strategic in their data collection and communication with clients, resulting in better quality services and fewer complaints.

The real conclusion with GDPR is the fact that it was a good move, it helped businesses understand they need to be held accountable for the data they hold and manage it correctly. Putting in place clear and concise controls to manage the personal data they hold on us.

Will there be a GDPR2? The way data is being collected at an accelerated rate, it is only a matter of time before an update will be required. Especially with the likes of Crypto and other digital assets evolving in this space.