Exclusive GDPR Stats; US Startups Are Better Prepared Than European Counterparts

By   ISBuzz Team
Writer , Information Security Buzz | May 15, 2018 08:15 am PST

With less than 10 working days to go to GDPR D-Day, SMBs are feeling the pressure most. Over 4,000 took part in Mailjet’s recent active GDPR readiness test in the last 8 weeks and the top findings are:

  • 80% continue to collect personal data from customers
  • 67% still aren’t protecting it properly through encryption technologies
  • US startups are generally better prepared than their European counterparts

Data protection:

  • Despite low results, the United States is at the top of the data protection ranking with 53% of US startups stating they encrypt the data they process and 47% have a warning system in case of a breach that could put customer data at risk
  • Europe is falling behind on this, particularly in France with only 21% of start-ups declaring they protect their data properly and 28% having an alert system in place
  • The UK is the best positioned in the European ranking with 33% encrypting data and 44% have an intrusion or breach alert procedure

Data consent:

  • French startups are again ranked last in Europe when it comes to seeking consumer consent (40%) and allowing consumers to simply withdraw it (53%)
  • The UK is better positioned to obtain consent (50%) and to allow consumers to withdraw it easily (62%)
  • However Spain tops the list for consent, with 60% seeking this and 75% incorporating straightforward withdrawal
  • The results are more nuanced for the United States, half of respondents (50%) ensure that consent is obtained, but only 44% make it easy for clients to withdraw consent

Data minimisation (The principle of data minimisation consists in collecting only the data strictly necessary to achieve the objective):


  • In Europe, the gap between France and the UK is notable with 80% of UK startups recognising the importance of data minimisation tactics compared to only 68% of French start-ups
  • Spain again leads the charge with 84% only collecting necessary data and 80% in the US

Third-party providers compliance:

  • Working with a supplier that is not GDPR compliant puts the reputation of companies at risk and exposes them to significant financial implications
  • Yet around the world, the results are worrying with less than half of start-ups checking their suppliers’ compliance
  • Germany in particular unfortunately comes bottom of the list, with only 37% ensuring their provider compliance whilst the US is top with 52%

[su_box title=”About Mailjet” style=”noise” box_color=”#336588″][short_info id=’60609′ desc=”true” all=”false”][/su_box]

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x