GDPR: Unnecessary European Bureaucracy Or Doing The Right Thing?
I am sure I am not alone in my, often unspoken, response to hearing “GDPR, GDPR, GDPR” wherever I turn.
To be honest, my internal dialogue has been in overdrive on this subject, peppered with frustration-laced pronouncements such as:
- Yet another piece of overbearing bureaucracy from non-elected mandarins in Brussels who do not have a clue about real world business!
- I’ve got enough on my plate in helping to grow the business to spend time on this!
- I thought the Government campaigned on reducing red tape for businesses, not increasing it?
- Oh so much jargon: Data Protection Officer, Data Controller, Data Processor, ICO, NDAs, Systems Audits, The 6 Tests, Legitimate Interest, Clean Desk Policy, IT Security, Privacy Policies, Cookies, the Balance Test, 4% of Global Turnover, Consent…but I doubt that this newfound knowledge would impress Jeremy Clarkson in his recreation of “Who Wants to be a Millionaire?”.
- Why do we even need these rules in the first place, doesn’t everyone respect the personal data they have? It’s basic business ethics isn’t it? Surely everyone does the right thing when it comes to their customers’ and prospects’ data?
…Or do they?
And then there is the other voice, you know the one, the one of calm, professional reason: “the only reason the legislation is in place is to protect people like you and me from the questionable actions of some who don’t respect the privacy of data and help protect us against those intent on stealing data for criminal gain.”
Looking at GDPR from this alternate paradigm has helped me to entertain the alternative view that doing what is necessary to achieve compliance has helped us become more effective and secure in doing the right thing in terms of the data we hold. After all, we would want the same of those who hold personal data on us such as Google, Facebook, ISPs, mobile phone carriers, and big retailers etc.