Privacy Laws

GDPR isn’t perfect, but its rationale is spot on.

The ideology behind it is slowly sinking in — comparisons with the millennium bug never did make sense. With every data breach and fine, with every privacy scare, the coin drops that little bit further.

The Bank of England Governor, Mark Carney, has described cyber as one of the most serious threats to the global economy. But at least in part, the key to fighting it lies with education. The biggest threat to company IT security lies with people and as often as not, simple errors — the digital equivalent of going out, leaving the front door wide open, with a note saying back at 3 pm. In our cyber section, we look deeper into this area.

Some of the media draw a link between GDPR and Brexit, looking under every stone, searching for examples of the evil EU subjecting us to the tyranny of GDPR. In fact, the UK played a key part in defining GDPR and wants the regulation, inside or outside of the EU.

It may not be perfect, it inundates us with privacy policies which we just say yes to out of frustration — too many, it feels as if consenting is less hassle.

But the objective is right.

Contrast GDPR with China’s social credit system. Echoes of Big Brother are hard to ignore.

Maybe GDPR is like a domino, and one by one others will fall. Brazil has fallen under the spell of privacy regulation. It is somewhat harder to know what to make of California’s regulation coming into force in 2020. It’s privacy regulation, but compared to GDPR it feels light. But then the US legal system is different. California was never going to copy and paste GDPR into its own legal framework.

What is clear is that the battle to protect our privacy is advancing in earnest. If data is the new oil, or as one person told us, the new uranium — both incredibly valuable and dangerous — then we must tap into it without compromising transparency. Organisations must be accountable.

And gaining trust is just as important as processing data.