It has been 2 years since the GDPR came into effect on 25 May 2018. Time to take stock of the changes, highlight the positive impacts and determine where there is still work to do. It is certainly true that the implementation of the GDPR was a turning point for personal data protection in the EU. But it is not an end point.
The Beltug Privacy Council brings together privacy experts from 55+ organisations for different sectors and public institutions, to exchange knowledge, experience and ideas. They took on the assessment of the impact of the GDPR after two years: not to comment in favour or against the GDPR, but to define what has improved concretely, and consider where further improvements would be welcome.
Beltug has published the conclusions of the Privacy Council; you can find them here (8 pages).