GDPR Threat - Are you ready?

Imagine:  You are a privacy focused company.  You are trying to do everything right.  You receive a threat from a person who claim you violated their GDPR rights and they demand you pay them $x.  If you don't agree to pay them, they threaten to report you to a Data Protection Authority and/or file a personal lawsuit against you in a court based in the EEA.  

Do you know how to navigate this?  We Do.

Evaluating Complex Factors Is One Of Our Superpowers.  We faced this recently with one of our clients who is a global, privacy infused company.  They wanted to do the right thing but also wanted to protect themselves from extortion-like behavior and from setting a precedent.  

Providing potential solutions for requires a unique combination of expertise:  It requires a knowledge of breach and notification standards under the GDPR, within the Member country and all US states where our client does business. It also requires an understanding of the relevant, local Data Protection Authority (DPA) in the EEA that would oversee a complaint and their general approach to investigating such reports.  It further requires an understanding of relevant non-US, local litigation requirements and related treaties that impact litigation for those in US should the complainant file a claim for personal damages under GDPR outside of the US.  Lastly, the client needs someone to help them, not only understand all these factors but also the risks involved and advice on how to negotiate a just solution.  

We know how to deliver the best outcome for everyone.  We analyzed all of these factors.  We educated our client on solutions available, the associated risks, helped them navigate their chosen solution with the customer.  We also helped them ensure that they lived by their privacy and customer support standards.  

Are you prepared?