Editorial
Amazon recently sent a German man someone else's data in response to his personal data request, made in accordance with the General Data Protection Regulation (GDPR). Amazon blamed it on "human error."
By blaming it on human error, Amazon is trying to imply this is an isolated case. But some voices in German politics seized on it as another way to question the GDPR: How can small enterprises succeed with these data protections if a giant like Amazon fails?
Such statements imply enterprises are overtaxed by the GDPR. What it doesn't say, but does suggest, is the EU must loosen or lift the regulations. Meanwhile, Dorothee Bär, the Federal Government Commissioner for Digitization, is openly calling for this in another context. At the end of 2018, she once again publicly demanded a relaxation of the data protection laws in the healthcare system in order to move forward with implementing electronic patient files by the end of 2021.
The Call to Relax Data Protection Laws
Germany has some of the strictest data protection laws in the world and the highest requirements for the protection of privacy. Many argue these laws block developments in the healthcare sector, so we should delete some rules and loosen others. Bär isn't the only person advocating for this approach. More and more stakeholders in the healthcare sector are calling for laws to be relaxed so Germany can remain competitive.
Others compare the threat to data the GDPR handles with the threat of hacker attacks and data leaks. This comparison is weak, as both aspects are extremely relevant and the need for both negates neither. On the one hand, protection and control of the personal data of customers and citizens — or as Americans correctly call it, "data privacy." On the other hand, protection against hackers, hacker attacks or even errors in the company's own IT department.
These specious arguments are just another way for interested parties to fight tougher data protection regulations.
Related Article: An Introduction to the GDPR
GDPR Fans in High Places
Data protectors — no surprise — see it differently. And they get help from unexpected sources. Tim Cook, CEO of Apple, for example, said during a talk in Berlin on Oct. 22: "I am a big fan of GDPR. However, it does not represent yet everything, which must be made." Researchers at the University of Oxford in cooperation with the Reuters Institute for the Study of Journalism released a study stating that the European Union with its new data protection basic regulation drives the "strictest and most farsighted" approach in the area of data protection.
Data protection does not mean innovation grinds to a halt. It can even become a competitive advantage for businesses in Germany (and more broadly in Europe), if the use of data and artificial intelligence is cleverly combined with data protection and data security. Certainly the implementation and the design of the GDPR can and must be improved. Even if the GDPR overshot its reach in places, which I personally do not think is the case, it has fired up the discussion and perhaps also increased the sensitivity around the very important topic of data privacy. And that's a good thing.
Learning Opportunities
Webinar
May
30
ChatGPT and the Future of Conversational AI
This discussion explores various aspects of AI implementation, ethical considerations, and challenges for your organization.
Webinar
May
31
The Evolution of Employee Listening - 2023 Trends & Best Practices
Learn proven effective methods and solutions to supporting an inspirational future of Employee Voice
Webinar
Jun
1
How organizations can design, build and run Generative AI into the Customer Experience
Discover how to drive enhanced CX through Generative AI
Webinar
Jun
6
The Future of Social Media: Emerging Trends and How to Stay Ahead of the Curve
The impact of emerging technologies like AI on social media
Webinar
Jun
7
The Building Blocks of Personalization
This webinar will explore how personalization can create powerful ecommerce shopping experience.
Webinar
Jun
13
The Future of Contact Centers with AI at the Helm
Learn how to balance human intuition and interaction with the potential uses of AI to create delightful and lasting CX
Webinar
May
30
ChatGPT and the Future of Conversational AI
This discussion explores various aspects of AI implementation, ethical considerations, and challenges for your organization.
Webinar
May
31
The Evolution of Employee Listening - 2023 Trends & Best Practices
Learn proven effective methods and solutions to supporting an inspirational future of Employee Voice
Related Article: Is Data Ethics an Oxymoron? Customers Don't Think So
Fear-Mongering at the GDPR Gates
Ulrich Kelber, Germany's new Data Protection Officer, wants to improve public perception of the GDPR. He admits there is room for improvement. But that won't happen by going to extremes — either on the side of complete lock-down of all data or an indiscriminate rejection of any regulations. Arguments about the proper or improper use of our data by businesses will do little to diffuse public fear about our data being used in ways we do not want — which last year's revelations about Cambridge Analytica and Facebook made all too real. Clarification and setting boundaries is clearly an urgent task.
There is room to maneuver: potential penalties should be imposed with a sense of proportion and deadlines could also be extended. However, there should be no question that basic data protection is a fundamental right of every citizen. There should be no question that I can find out what companies are planning on doing or are doing with my data and that I should be able to obtain this information promptly. And above all, there should be no question about a citizen's right to ask that their data be deleted.
Related Article: Marketers Are Missing the Point of GDPR - and the Opportunity
The GDPR Is Here Because Enterprises Didn't Take Care of Data
Businesses neglected data protection for years before the introduction of the GDPR. Excel tables on the hard disk of every salesman, databases and data lakes, uncontrolled and scattered data in different IT systems — that was the reality. Now it's time to repair the outdated IT and data collection systems, introducing proper measures.
Let's not go backwards. Let's not reverse courses on data protection so early and so carelessly. Yes, some companies would enjoy that very much. And while it will take years to cement how we handle data properly, that's all the more reason why we must double down on these protections and work to clarify and improve them now. The GDPR is more chance and opportunity than risk. If necessary, slightly modify the course, but keep the direction!
Learn how you can join our contributor community.
