As the World Approaches the One-Year Anniversary of GDPR, Here is What CSR Believes About Privacy and Small Business

On May 25, 2019, the world will celebrate the one-year anniversary of the European Union’s General Data Protection Regulation (GDPR). Correction—most of us will celebrate the one-year anniversary of the law. Facebook, Google, and several other companies will likely not celebrate a regulatory change that has resulted in record fines for some of the world’s biggest businesses.

But even if Mark Zuckerberg and Larry Page aren’t celebrating the anniversary, the leadership of CSR Privacy Solutions is happy to see a year of regulators and lawmakers taking privacy protection and data breaches more seriously than ever. We are also thrilled to see a growing number of states adopt laws similar to the GDPR, including the California Consumer Privacy Act.


Because our entire business model is built on two core beliefs:

  • Small and medium-size businesses (SMBs) are the most important growth engines of the world economy and deserve to have the same privacy protection and data-breach prevention and mitigation tools much larger businesses have.
  • Privacy is a fundamental human right.

Often our beliefs about the rights of humans and the rights of business contain an inherent conflict. For example, the right of human beings to not have their water sources polluted come at the expense of a company’s right to seek the greatest possible return for shareholders.

Pollution and privacy aren’t the same thing, but the rights of Facebook and Google to aggressively pursue maximum profits came into conflict with the rights of users not to have their personal information improperly disclosed.

However, while gigantic companies like the two mentioned above felt the impact of record fines, they were still able to absorb that impact and stay in business. In other words, they can successfully navigate the inherent tension between profit-seeking behavior and the legal, regulatory, and moral requirement to protect customer data.

SMBs must navigate the same tension—with significantly fewer resources at their disposal.

SMBs still need to seek maximum profits.

Our economy and workforce depend on it.

And SMBs still need to protect consumer data.

The law and a basic sense of human decency demand it.

At CSR Privacy Solutions, we believe it is our duty to step into the breach (pun intended) and help small and medium-size businesses be as profitable as possible while still doing right by the law and the customers they serve.

“We are a small, family-owned and run business and are acutely aware of the challenges facing SMBs,” said Dr. Ross Federgreen, founder and CEO of CSR Privacy Solutions. “However, every employee on our team comes to work with a bone-deep belief that human beings have a fundamental right to privacy. To use Simon Sinek’s phrase, helping SMBs navigate the regulatory, legal, and moral landscape of data and privacy protection while preserving the rights of everyday people is our ‘why.’ It’s what motivates and inspires us.”

Dr. Federgreen is also quick to point out that protecting consumer privacy is not merely a matter of legal and regulatory compliance, or even about simply doing the right thing for customers.

Protecting consumer data is also a competitive advantage—especially for SMBs.

“Businesses that treat other human beings the way they want to be treated have a distinct and significant advantage in the marketplace, regardless of industry,” Dr. Federgreen added. “CSR isn’t ‘just’ helping SMBs be compliant with the law. We are also giving SMBs the ability to market the fact that they take protecting their customers’ privacy seriously.”

In the coming years, both global and domestic SMBs will likely see a drastic increase in laws and regulations designed to protect personal information. If the last year is any indication, the consequences of violating those laws and regulations will be steep.

That shouldn’t be a cause for concern—so long as SMBs are proactively making every effort to protect customer data. In the meantime, CSR Privacy Solutions will continue to develop and deploy innovative programs, services, and solutions that turn legal and regulatory requirements into competitive advantages.


Because it is our mission to provide cost-sensitive privacy solutions, knowledge, and expertise to small and medium-size businesses.

Because that’s who we are.

And that’s who we care about.