Why GDPR isn’t Mordor

ARQS Belgium · Published in ARQS · 4 min read · Jan 30, 2018

It’s 2018 and the enforcement of GDPR (Global Data Protection Regulations) is coming closer. So close, in fact, that nearly 80% of companies are now in absolute panic mode.

Just to be clear, GDPR isn’t Mordor, the floor isn’t lava and it most certainly does not have a huge flaming eye on top of a watchtower. In fact, GDPR doesn’t have a tower at all, making it pretty simple to walk into.

All right, let’s make one thing clear: GDPR is a form of law and will be fully enforceable next summer. But despite the fact that violating its terms might lead to jail time or fines up to millions of dollars, euros, bitcoins or whatever other currency you use…, there is no reason for panic.

As a wise man once said…

Obviously, everything revolving around GDPR sounds pretty severe, and there seem to be only two best practices to go about it:

  1. You just pretend that it doesn’t exist or that it doesn’t apply to you. You simply ignore it, that should work.
  2. The heavens are coming down on you. You and your company are done for. You should stop focusing on any developments that focus on personal data. Problem solved, go work at your local fast-food restaurant!

As you probably already guessed, none of the above have proven to be very successful, nor are they really pragmatic…

A practical point of view

Good to know: GDPR isn’t focused on banning all activities concerning personal data. Instead, it provides you with a framework for transparent and secure handling of personal data and will simply sanction those who ignore or misuse it.

Given that it is enforced by law, the framework is divided into multiple rules, which are written down and accessible for everybody to read. If you’re not doing any shady business with personal data already, implementing GDPR shouldn’t be that hard to do. Of course, it will take time to do so, but when you plan accordingly, prioritise the right stuff and don’t lose it completely, you’re not going to have any problem whatsoever in becoming GDPR compliant.

Show it some love…

To be honest, GDPR gets far too little appreciation. It’s one of the first frameworks that strongly focuses on risk-based thinking when it comes to data. It makes you mitigate privacy risks until they become something that is tolerable.

Nowadays, there’s enough software on the market that has absolutely nothing built into its design concerning security, privacy and overall data protection. That’s why we should embrace GDPR with both of our arms!

Key takeaways

I could write for hours about this topic, but for now, I’m going to present you with some key takeaways about the subject! Stuff you should remember when encountering it!

  1. There is no reason for panic, just look at the rules and figure out how they could apply to you. In case you’re not sure, get proper legal advice and all will be fine!
  2. If you are a software creator and write documentation as well, it’s easy to expand it with GDPR-required details. In case you don’t have documentation already…, well then the problem isn’t GDPR, it’s just you not documenting.
  3. Privacy by default should be part of any software you craft, even if it’s an MVP. In case you don’t want to focus on it during the creation of an MVP, use mocked data to prove your value proposition. Again, if you’re creating software and don’t already have some privacy measures in place, you urgently need to elevate your mindset. The good thing is that GDPR can now act as a guideline where you didn’t have information before.
  4. Expanded user rights in general will require some extra care and support.
  5. GDPR makes you revisit some software-building practices, for example “logging”. But that’s not that bad now, is it? Now you’ll finally know the root cause of all those production issues…
  6. Say that you were processing all data. GDPR will now get you to think more about whether you actually need and use that data as frequently as you thought you did. If you’re touching personal data, you will have to put some measures in place and put in the work. Because there will be extra effort connected to data processing, you will be more critical about whether you need the data or not. In the end it might even save you some cash, because you don’t need any infrastructure, storage or development for the data that you don’t have.

Useful tips

In case you want to know more about the impact of GDPR on the process of crafting new software solutions, feel free to check it out HERE.

We’re ARQS, and we tackle GDPR in a playful and understandable manner!

Need more boring text about GDPR… well, no worries, the EU has provided you with some!

Love to know more about us? Like what you just read? Subscribe to our newsletter or one of our various social channels! (Twitter, LinkedIn and/or Medium)
