GDPR is not just a regulatory framework. It’s also a moral and existential blueprint

This is not “yet another” article spooking you with the eye-popping “Fines of up to 4% of revenue or 20 million Euros for failure to meet GDPR regulations.” There are plenty of webinars and self-styled GDPR analysts and experts drumming up fear of the looming GDPR May deadline. Granted, some may be motivated to educate, but the bulk are hoping to monetize the spend that goes into data classification, encryption, key management and the like. Which is fair if you are a business that is looking for a compelling event to monetize, but I believe we are selling ourselves short as a technology community. There is a higher moral ground that we need to strive for. The higher bar that I refer to is a different expansion of the GDPR acronym – Genuine Data Protection Renaissance.

Before you fall off your chair, let me explain. The main tenets of GDPR – data portability, breach notification, data protection by design and default, data/storage minimization, opt-in consent, right-to-erasure, appropriate technical measures, evidence of compliance – are an amazing codification of laws that every service provider and vendor on this planet, whether or not they are impacted by the regulatory framework itself, would do well to make an integral part of their DNA and offering, for their existence and their customers’ well-being. Sound like fiction? Let me explain.

1. Data portability

With the cost of storage plummeting, sensors everywhere and the need to understand your customer “deeply”, collection of data is becoming the norm (see #3 where I talk about this issue). But if, along with this collection, there is a consequential and moral decision that all this data needs to be portable and can be handed over to me – the end customer – on demand, imagine “what a wonderful world it would be.”

2. Data protection by design and default

Again, every piece of data that is collected needs to be, by definition, secured. Period. That becomes the design criterion for every product, architecture and service. I can sleep soundly at night.

