I have a confession to make. Until relatively recently whenever I saw the letters GDPR, I thought that is for the data geeks to be worried about. But I kept seeing them (the letters, not the geeks) and I figured I had better just check what all the fuss was about.
I should be clear from the get go: the days of my being responsible for a database of five million contacts are past. Nowadays, all I hold are the contacts on my phone, which I acquired directly from individuals who were clear that I would get in touch with them from time to time about meeting for a drink and/or to tap them up for work.
My first attempt to find out more was asking a data-head I know, who opened with “it’s really complicated” and muttered something about privacy.
I hate being told something is complicated. I tend to think either they mean it is too complicated for someone like me (in other words, a woman) or that they haven’t got a clue themselves but don’t want to admit it.
Anyway, it spurred me on my quest to discover the truth about GDPR, or the General Data Protection Regulation to give it its full name. It will be enshrined into UK law via the Data Protection Bill announced today (7 August).
And it turns it isn’t really that complicated. Yes, it could be more transparent and more guidance would be good, but I could understand it. I had, however, underestimated the impact it will have.
It is designed to draw together…