Countdown to GDPR: A New Paradigm for Personal Data
9th May 2018 | Ardi Kolah
What the future holds for personal data following GDPR and the Cambridge Analytica scandal
The issue of personal data, privacy and security has taken on more significance and urgency in the wake of the Facebook/Cambridge Analytica scandal than we could have ever imagined or predicted.
This follows a catalogue of personal data breaches on an industrial scale - namely the scandals of Equifax, BUPA, NHS, Yahoo and WannaCry. Should we all live in fear of whether we are next in line to suffer sleepless nights following a cyber attack?
It doesn't have to be this way.
We are transitioning into an era where individuals have both the skills and opportunities to choose how they manage and share their personal data to achieve a range of beneficial outcomes. Digital evangelists (and I would include myself in this category, as a privacy professional) are optimistic about the future, rather than terrified by it.
If social media giants recognise that they need to embrace global standards of data protection, privacy and security, which drive transparency and accountability all the way from top to bottom of their vast empires, they won’t have to endure the palpable sense of mistrust felt by 87 million people around the world as a result of the Facebook/Cambridge Analytica scandal.
More than a billion people on the planet use social media services every day to actively communicate and manage information about themselves to organisations and each other. They need to continue to do so without fear of being unwitting victims of surveillance capitalism.
Innovation and economic growth through data, on one hand, and the desire to preserve our fundamental rights in respect of that data, on the other, shouldn’t be in tension or in the balance.
But right now, they are.
Sir Tim Berners-Lee - the inventor of the World Wide Web - has consistently called for greater privacy on the web and for people to become the legal owners of their personal data, to control when and how it’s used, due to rampant identity theft and the invasion of personal and sensitive data that’s now a daily occurrence around the world.
Looking to a brighter future, Berners-Lee predicts there’ll be faster networks and more intelligent computers using Artificial Intelligence (AI) (a bit like the world depicted in the movie Minority Report, starring Tom Cruise). Data will no longer be ‘owned’ by big corporations with sophisticated CRM and data mining tools, but by ordinary people who will make a living by selling their own personal data to these same organisations.
In fact, it’s already happening.
Nicholas Oliver, CEO and founder of people.io pays people for watching ads. In fact, big data is being undermined by companies using their customers’ data for targeted advertising purposes.
Prof. Viktor Mayer-Schönberger at Oxford University and the author of Big Data, takes up this theme; “The value of Big Data lies not only in the way we use data here and now but also in the potential, future use of the volumes of data collected. The driving force for this type of Big Data business is the idea that large amounts of data equals great potential. But all that could change in the future.”
In the future, data will work in much the same way as calendars work, where each person will choose to invite certain people to share events and information with them. Ordinary citizens will have more control than they do at present over what data they share with others, which is likely to become the new norm in the wake of the General Data Protection Regulation (GDPR). But changing the legal landscape won’t be enough.
Berners-Lee says that to achieve this new state, we’ll have to build powerful computer systems that can adapt to changing environments and allow the protection of privacy to be core to that development.
The business world is slowly waking up to the future internet of things and the new paradigm in personal data. For example, Microsoft believes that we must think differently about data and move away from the need of ‘big data’ that has obsessed the marketing industry for years.
We’ve also rapidly reached the point where people often struggle to tell the difference between talking to a computer and a real human. The latest Hiscox radio ad for cyber insurance boasts that it was written and performed by a computer and challenges the listener to tell the difference.
2018 may go down in history as the ‘coming of age of the algorithm’ and GDPR, but fast forward to 2030 and non-biological computing looks set to overtake biological computing.
Which sounds like a brave new world...provided we are still in control of our personal data.
The GDPR Handbook, by Ardi Kolah, is the ultimate, jargon-free guide for any company or organization looking to interpret GDPR into clear, actionable steps. Using the latest research, this book will help Data Protection Officers and businesses carry out Data Protection Impact Assessments, create and enforce data protection policies, train staff and manage data protection teams.