Why GDPR is FUBAR
The EU’s GDPR (General Data Protection Regulation) is like the Kennedy assassination: everybody’s got an opinion about it, lots of people claim they’re experts, nobody seems to be right, and we may be destined to debate it forever.
And like the death of America’s 35th president, to me at least, GDPR has been a big, bloody mystery, that’s left a hole in my head and my brain falling out.
You’d think that laws should be unambiguous. Hold your mobile at the wheel and conduct a phone call? If caught, that’s 6 penalty points and a £200 fine. Simple.
The new EU data law that streamlines data protection for citizens of member states?
Well, it’s a bit like asking ”what does the EU Commission do?”, ”why is the European Parliament in two places?” and ”what is the point of Jean-Claude Juncker?”
Most people don’t really know.
Not even the oracle of all human knowledge, Google, could help me with understanding how I should comply with this new set of laws.
I did several searches. I looked at countless blogs about GDPR – some from voiceover artists, some not. I also consulted GDPR videos on You Tube.
Rarely was there any consensus on what, as a sole trader, I should actually be doing to ensure compliance, even if the person relaying the information seemed confident, professional and authoritative on the subject.
I’ve also had several conversations about GDPR, some of those with my peers, others not, and one with a GDPR ”ambassador”.
It’s like playing Chinese whispers. The entire rollout of GDPR has been FUBAR. You don’t know whether to laugh or cry.
Lost In Translation
I was further concerned to learn that global e-tailing behemoth Amazon, being a company that holds the data of EU citizens, has not emailed me to tell me how it is complying with GDPR.
And there are other companies, both big and small, who hold my data but haven’t been in touch. Even good, past and current clients.
Which clearly I was, when a string of ”out of office” automated emails came through on May 25th – one of the senders proudly declaring: ”I am currently out of office swimming in the lakes of Slovenia”.
What’s the betting that those recipients will actually reply, and act on, my careful copy about client-related compliance? Close to none, I’d say. I mean, fancy putting something into law on a Friday before a bank holiday weekend. You have to wonder if EU legislators are sniggering behind their copies of the GDPR, thinking they’ve pulled off a hilarious prank at our expense.
God Help Us
And it seems that, whether you understand it or not, and no matter how much you take his name in vain, not even God can help you with this. ”Prayers for the sick may breach GDPR, Church fears” was the headline in Saturday’s Daily Telegraph. It, too, was full of contradictions, both from the Church of England and the Information Commissioner’s Office, about whether you can actually pray for a publicly named, sick person. Surely the fact (or is it?) that you might have to get the person’s consent ruins their chances? Or, perhaps the power of prayer will work better now that there are proper rules in place around it. God knows. But I bet even He is probably washing his hands of the whole thing.
So who do I blame for the Generally Distracting Pain in the Rectum?
First: EU bureaucrats for making everything unnecessarily difficult (see Brexit negotiations); second, journalists for forecasting doom, mass incomprehension and fines of up to €20m; and third, ”experts” and ”commentators” for constantly contradicting one another.
Still, you can always rely on ”GDPR” to clean up the mess. The unfortunately named PR firm does crisis communications, don’t you know. However, given the considerable acrimony over their legislative namesake, one has to wonder if its bosses are now reluctantly heading for a rebrand.
Banksy photo ‘Banksy Does Brexit’ taken by Duncan Hull.
Used with permission under Creative Commons Licensing.