What has dry regulation known as GDPR, got to do with humans? Answer, almost everything.
A recent survey by ForgeRock found that 57 per cent of UK consumers are worried that they have shared too much personal data online. 53 per cent said they would not be comfortable if their personal data was shared without their permission and a further 58 per cent said they would stop using a company’s service completely if it shared data without permission.
In short, humans care about their privacy. And that is why the General Data Protection Regulation exists.
We also live in the age of artificial intelligence – data is the new oil, as computer algorithms, via the amplification of the latest in computer hardware, analyses data and draws inferences about us. It feels very non-human like.
Yet, we are told that AI is about personalisation – making services just right for each person. Is AI going to make data more or less human?
GDPR is meant to make it more human.
At a recent GDPR Summit in London, Ardi Kolah, Editor-in-Chief, Journal of Data Protection & Privacy said that it is a “mistake if your starting point, when looking at GDPR is fines or sanctions.”
To the contrary, he added, “trust is the starting point. If they can create trust, companies can do more not less with personal data.”
That’s why GDPR is about humans – creating an environment in which we feel we can trust companies with our data.
So whether it be subject access requests, an individual exercising their right to be forgotten, implementing procedures to minimise the risk of a data breach, and putting a plan together on what to do if the breach happens, or getting user consent and perfecting privacy policies, GDPR enforces behaviour upon companies that emphasises the human factor.
GDPR is also about keeping data relevant, not holding onto data you don’t need, making sure privacy policies are specific to particular data.
In short people are all different, and so is the way we use data. That is why human factors are right at the core of what GDPR is all about.
GDPR Summit Series is a global series of GDPR events which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.
Further information and conference details are available at http://www.gdprsummit.london/