Skip to content

Innovation under the GDPR. Is it possible?


Is innovation under the GDPR possible? We say it is possible, and the GDPR is a tool that promotes innovation.

Companies often look at regulations and laws as something ‘burdensome’.  This has been the case with the introduction of the GDPR. They presume that strict regulations place them at a disadvantage in comparison to countries with less or no laws on the matter. With more rules, greater care and staff are required to keep an eye on compliance. Examples of such include the introduction of a data protection officer, higher IT security measures and improved data management mechanisms. Privacy and data protection has also been claimed to hinder competitiveness. However, this brief article shall explore how we can change our perspective towards the GDPR. We aim to show you how to look at the GDPR as a tool to promote innovation through your company.

Responsible data-driving innovation has been able to surface as a result of the introduction to the GDPR. As previously explored, the GDPR’s requirements entail that organisations improve data management and the disclosure of more information, including the way in which data is controlled and processed. Increased innovation may be attributed to improved levels of accountability.


Trust in a digital market can only be accomplished through stricter regulation – when we feel more secure, we are more likely to share information.  As a result companies have more data to work with. The obligations found in the GDPR assist companies to explore new aspects of their company and improve the level of trust between clients and the company. Applying the GDPR’s principles acts as a competitive advantage for companies adopting the higher standards, in comparison to their non-compliant counterparts. Compliance with the GDPR is a strategic legal path that companies can adopt to capture customers.

Digital trust may be gained through 3 empowerment principles: Transparency, control and remedy.

Transparency is achieved when users have adequate knowledge regarding the information being used and for which purposes. When there is sufficient transparency, the data subject is empowered to agree or disagree with the information being shared. In order to effectively manage that information, control must be given through tools such as the right to object or obtaining a copy for data portability. Finally, remedy may be the most important aspect in gaining data subject’s trust. The right to erasure accompanied by the right to rectification are powerful tools in the hands of the user, determining what information companies have, weakening a company if taken away. Under the protection of the GDPR, users can hold companies accountable for the misuse of their personal data.

Trust has been included as a component of innovation under the GDPR as it forces companies to re-think the way they offer goods and services to consumers. A new focus on trust changes the way products are developed.


Introducing concepts such as privacy-by-design and impact assessments compels companies to address weaknesses related to their data within their products. Looking holistically at data protection throughout products offered by the company, allows them to ensure safety at each stage of the process. It is characterised by a proactive rather than reactive approach to deal with data protection and privacy measures. Rather than waiting for the problems to materialise, the company can anticipate issues. In turn, implementing preventative measures ensures safety from the cradle to grave of the product. Products are being developed to accommodate the GDPR, innovating the way companies approach the products they sell. 

Innovation can continue to prosper with the GDPR in place. The GDPR incentivises companies to rethink and approach their products and/or services, taking data protection into consideration.

We hope to see you innovating and ensuring your GDPR compliance!

If you are an expert, you can join the community with the link below: