Image for post
Image for post
Denny Muller via Unsplash

The window for relying on pen-and-paper guestbooks or digital marketing forms and booking systems is closing fast; for security, data rights and safeguarding, that’s a good thing…

The clock is ticking: the UK government recently announced collection of contact details for NHS Test & Trace requirements will be mandatory for many venues from 18 September, including:

· Hospitality: pubs, bars, restaurants and cafés

· Tourism and leisure: hotels, museums, cinemas, zoos and theme parks

· Close contact services: hairdressers, barbershops and tailors

· Facilities provided by local authorities: libraries, town halls and civic centres

· Places of worship, including use for events and other community…

Image for post
Image for post
Luis Villasmil via Unsplash

Writing scares us: creating original prose and sending it out into the world is up there with public speaking as one of the biggest adult anxieties.

Outside the familiarity of emails, messaging and forms the prospect of getting down our ideas, beliefs and hidden weaknesses can paralyse even the most determined writer when confronted with empty pad or winking cursor.

As Covid19 shut down more intuitive outlets for social and professional expression, the written word is more powerful than ever if we want to move our opinions and projects beyond shares on social media. How can we break this block?

Let’s rewind, back to when writing wasn’t a choice. The ability to write fluently is something we consistently impress on children as a necessary life skill. …

Image for post
Image for post
Copyright Rockstar Games

Games aren’t what they used to be: I recently reinstalled a copy of the Witcher 3 some five years after I bought it bundled with my then new Xbox One console.

The game hadn’t aged a bit. I plunged into its dark world and complex characters, without a thought for frame rate, graphics chips and all the other things which used to sell units back in the day of Street Fighter, Tomb Raider and Gran Turismo.

I’m not alone in this. My teenage daughter enjoyed the Old West atmospherics and moral dilemmas of Red Dead Redemption 2, but I was interested to then see her dig out and play the first game in the series, originally published for the older Xbox360. …

Image for post
Image for post

Patterns in the jungle. It’s the nature of being human that when we are in the grip of new awareness and excitement for something, then we start to see evidence of it everywhere.

We’ve been working on identity at and proving to others you are who you claim to be. This is something we do fluently in real life — whether opening the door to a delivery, or a loved one we manage a range of non-verbal cues and apply checks almost unthinkingly, unless something appears fishy.

When online, this is turned on its head; because of the potential for digital to expose and scale weaknesses which can be exploited for financial gain, espionage or just data theft the starting point is to assume the worst. …

Image for post
Image for post
Dropped keys found on my government-sanctioned daily walk, reunited with owner via social media

It is now obvious that nothing will be quite the same for any of us, once the current health and economic crisis around Covid19 has passed. For those with an interest in personal data, we are likely to see fracturing of the enforcement landscape, delay to the release and implementation of new regulations and a cut in numbers of ‘hands on’ privacy professionals.

Does this mean the end of privacy, the ‘GDPR effect’, to the value of doing the right thing by data? I think not, but it does feel like the ‘end of the beginning’ for companies outside AdTech who traditionally captured and used data as part of, but not the driving force for their business. …

Image for post
Image for post

Listening to a commercial station in the car recently, a sales message came on extolling the benefits of radio advertising. The hook was to mock websites, by having a squeaky voice interrupt “accept cookies” every 5 seconds — the pause and relief when this stopped was blissful (you can learn more here)

Consent on the web has been broken for some time, in plain sight. Members of the public are hustled past ever-larger banners, with no visibility or understanding of how much tracking actually goes on, and where their data ends up. …

Image for post
Image for post

I’ve been travelling alone, on business — a relative rarity these days.

Studying the departure boards from St Pancras to destinations across Europe — Amsterdam, Paris, Lille and beyond — it struck me how much the world has opened up in the course of my adult life. Journeys which were the preserve of inter-railing or a career change are now treated as a casual, high-speed excursion.

Meanwhile, current political debate in the UK runs along a single axis of distancing ourselves from the mainland’s political, legal and cultural norms — Europe is drifting out of reach.

Working as a technologist in privacy can evoke similar feelings for me. …

Image for post
Image for post
Oldest message yet found in a bottle, 101 years, from Germany

Subject. Access. Request.

Er, pardon me?

When translated from priv-speak, the “Subject” means you and me, and an Access Request is where we exercise our right to ask some basic questions around ‘who has got my data’, why and where it’s held.

In the context of GDPR, allowing for the Right To Access is ground zero, the lowest common denominator, and it has certainly been treated as the Cinderella of many compliance programs which rumbled to a conclusion last year.

7 months on, while processes exist across a range of GDPR requirements, SAR handling has been a bolt-on, and by taking a ‘compliance-driven’ approach, I think many companies are missing a trick. …

Image for post
Image for post
© Remembering David Bowie

The new school year is almost upon us, parents are breathing a sigh of relief and it’s time to return our attention to ‘business as usual’ — or is it?

GDPR arrived in May without the sky falling on our heads, cookie notices and use/abuse of consent by businesses are largely unchanged, and there is even talk of it being a ‘paper tiger’.

Meanwhile, the draft ePrivacy Regulation appears bogged down by concerted industry lobbying and the upcoming European Parliament elections next May, meaning a go-live is unlikely next year.

Despite all this, the world has changed, and at the risk of looking silly I’m going to spot some privacy ‘mega-trends’ which I believe will drive progress over the next 18–24 months. …

Image for post
Image for post
© Mad Magazine

MIFID II struck the financial world like a hangover last month. As GDPR bears down on businesses and organisations with enforcement starting 25th May, what are the similarities between the two regulatory beasts, and what pointers can we take from the post MIFID fallout?

For observers of all things regulatory, a fresh contender, MIFID II, has been stealing column inches from GDPR since 3rd January this year.

Like GDPR, this regulatory ‘monster’ has been accused of threatening jobs and prosperity, but also lauded as a fresh wind of transparency and competition in the opaque world of asset management and financial markets. …


Gilbert Hill

Privacy Technologist, Entrepreneur, CEO @tapmydata, Privacy Spokesperson @techlondonadv, lapsed Archaeologist, SE London, bass guitar in @Ton50Band

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store