Over the last few days my inbox has been flooded with Data Protection Policy updates and other notices. The time is upon us and the General Data Protection Regulation (GPDR) is coming into full effect.
GPDR was passed by European parliament in 2016, and came into effect on the 25th of May 2018 (imminent). In summary, the personal data collected by companies will no longer be permissible unless authorised by the user. Any data compromise (hacking, leaks etc.) must be reported to authorities within 72 hours. It gives users the power to obtain a copy of all data held about them with a legal obligation of a 30 day turnaround for this process. In essence, the user has more piece of mind with the power to even request deletion of anything undesired being stored. There were some instances where some American news sites were blocked across Europe.
So the bigger tech companies have been making movements to get in line with the new law. But this doesn’t limit to the big dogs, everyone has a responsibility to comply or face a hefty fine. Whatever business size or nature, GPDR applies to all. In this instance I am of the opinion that the smaller scale businesses get stung the most. Mobilizing protocols to get in line can be costly and reengaging with existing clientele is hit and miss. With no authorisation, companies may not hold this data and this could lead to a purge of customer data if not approached in an engaging manner.
Surveys discovered that many businesses simply had no plan or awareness of GPDR compliancy. A lot of this boils down to what a company already holds, what they are allowed to keep and even understanding where it’s kept. Data management is important and if the appropriate security measures are not taken, exposure to risk opens up and a hefty fine can follow.
I wanted to share an infographic about GPDR here but damn… they are detailed.
So instead, take THIS!
The world keeps spinning and GPDR is taking no prisoners (yet). But what about blockchains? Without a doubt this might have been a thought to various people across the globe. How does one regulate the personal information stored on the blockchain? Coin telegraph (HERE) share an interesting insight into how blockchains are a GPDR fiasco but can potentially give even better ownership over data by using smart contracts and trusted hardware. Perhaps a number of methods will come to light as to how blockchain data deletion can be implemented. This can lead to some deep discussions indeed.
I read recently about the passport project on ETH being cancelled. Parity have some groundwork to if they wish to pull forward with that ICO. Steemit is a social blockchain. I am all for innovation in data ownership but this type of regulation being applied over decentralized projects could stifle development and advancement. I look forward as to how new projects will innovate in the data ownership domain and how much society can begin to diverge from centralised systems.
Thanks for reading.