Any regulation addressing emerging and evolving technologies will be obsolete to some extent by the time it’s rolled out – that is almost guaranteed. That certainly does not mean it’s time to abandon ship – in fact, the GDPR is more relevant and important now, as new technologies seek to collect, interpret, and in many cases monetize everything from our browsing history to our daily movements. That personal data must be safeguarded by the organisations that gather it in the first place. In far too many cases, companies have consistently fallen short on giving consumers control over, and transparency into, their own data and dropped the ball on security — making GDPR a necessary, if inconvenient, hurdle for organisations.

While it’s unfortunate that some businesses are struggling under the GDPR, remember that consumers have often paid the price in the form of stolen credentials, scams, identity theft and more in the wake of data breaches. Some confusion is to be expected – after all, the GDPR just turned two — but as it matures SMEs and other companies will benefit from consistency and continued guidance, especially as it relates to new technology and innovations.