DPA vs GDPR: Clash of the data defenders

You’ll already know that the General Data Protection Regulation (GDPR) is on the way, and set to seriously shake up the way businesses handle personal data about consumers from March next year. We’ve been talking about what it will mean for your business when it rolls out, but if you’ve somehow managed to miss the bandwagon, head over to our ‘Introduction to GDPR’ post, and we’ll fill you in.

We’ve had data protection since 1998, when the Data Protection Act (DPA) came into force; but is GDPR just an update, to take on the mantle of data security – or is it a complete overhaul to the way we look at data handling?

In the red corner…

Quick recap: The UK Data Protection Act (UK DPA) is designed to protect personal data. It follows the EU Data Protection Directive 1995 and concerns itself with the protection, processing and movement of data. It was passed in 1998, and has become a staple of data handling processes ever since.

In the blue corner…

On the surface, the new kid on the block – The General Data Protection Regulation (GDPR), looks like a more robust version of its predecessor; an update for modern times. But dig a little deeper, and you’ll discover it’s here to completely change the way businesses view and handle personal data… and it can throw a mighty financial right hook to punish non-compliance.


And the winner is…

Compared punch for punch, you start to see a pattern: GDPR takes the principles of DPA, and elevates them to a whole new level.

But what’s evident, is that we’re moving into an age where consumers and individuals have greater protection and rights when it comes to information that is stored about them. And that makes sense – with more and more personal information collected, the DPA simply doesn’t cover enough digital ground to properly regulate and protect individuals who have every piece of personal information stored in a database.

From having to opt in, with the right to have information permanently erased, to the hefty financial blow to companies that fail to meet the standard – GDPR is championing a safer, more transparent use of personal data.

We’re all about that at Feefo; we know that authentic, transparent information is incredibly valuable – and should never be abused; which is why we’re looking forward to the arrival of GDPR.

Over the coming months, we’ll be putting together a series of guides, webinars and handy tips to ensure you’re ticking all the boxes. Sign up to our newsletter, and we’ll deliver all the latest industry insight and news into GDPR, straight to your inbox.

Net Promoter® and NPS® are registered trademarks of Bain & Company, Inc., Satmetrix Systems, Inc., and Fred Reichheld.