GDPR: The human factor

What has dry regulation known as GDPR, got to do with humans? Answer, almost everything.

A recent survey by ForgeRock found that 57 per cent of UK consumers are worried that they have shared too much personal data online. 53 per cent said they would not be comfortable if their personal data was shared without their permission and a further 58 per cent said they would stop using a company’s service completely if it shared data without permission.

In short, humans care about their privacy. And that is why the General Data Protection Regulation exists.

We also live in the age of artificial intelligence – data is the new oil, as computer algorithms, via the amplification of the latest in computer hardware, analyses data and draws inferences about us. It feels very non-human like.

Yet, we are told that AI is about personalisation – making services  just right for each person. Is AI going to make data more or less human?

GDPR is meant to make it more human.

At a recent GDPR Summit in London, Ardi Kolah, Editor-in-Chief, Journal of Data Protection & Privacy said that it is a “mistake if your starting point, when looking at GDPR is fines or sanctions.”

To the contrary, he added, “trust is the starting point. If they can create trust, companies can do more not less with personal data.”

That’s why GDPR is about humans – creating an environment in which we feel we can trust companies with our data.

So whether it be subject access requests, an individual exercising their right to be forgotten, implementing procedures to minimise the risk of a data breach, and putting a plan together on what to do if the breach happens, or getting user consent and perfecting privacy policies, GDPR enforces behaviour upon companies that emphasises the human factor.

GDPR is also about keeping data relevant, not holding onto data you don’t need, making sure privacy policies are specific to particular data.

In short  people are all different, and so is the way we use data. That is why human factors are right at the core of what GDPR is all about.

Continue your journey to compliance at the GDPR Summit London, 155 Bishopsgate on 23rd April here

European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.