A year on from the General Data Protection Regulation (GDPR) compliance deadline, long gone is the stream of emails asking for consent, and to some organisations, GDPR has proved an all-round inconvenience and challenge. Any organisations that doubted the severity of compliance have been proved wrong. This year has seen European data protection agencies flexing their muscles, issuing fines totalling €56m for GDPR breaches, from more than 200,000 reported cases – and watchdogs warn that they are just getting started.