This is Part One of the GDPR Roundtable
Today, it’s GDPR’s first anniversary. In one year of its flourish, we have interviewed hundreds of experts and business leaders on GDPR. The insights on GDPR Compliance and strategies to meet customer demands proved beneficial to our readers and Martech community. Recently, we sat with 30+ GDPR speakers who narrated their experience in a Post-GDPR phase using Blockchain and AI capabilities. The GDPR ROUNDTABLE features experts from various realms of the business community and regulatory boards.
Here’s a minute-by-minute detail of our conversation with GDPR experts. You will learn how to handle GDPR Strategy, Compliance and Optimization using Blockchain, AI and data management capabilities.
GDPR is not an EU Phenomenon; It’s Global with Borderless Impact
Hon. Albert Isola M.P., Minister for Commerce of Gibraltar, said, “Within the past year, GDPR legislation has transformed the priorities of big tech, placing everyday people at the centre and making Europe a global leader in the path to data privacy. GDPR’s success lies in its empowerment of institutions and enterprises to take ownership of their actions and their handling of data. Regulation in tech sphere must be supportive enough to allow innovation and creativity to flourish, while still outlining the law in a clear and comprehensive manner.
The evolution of this industry is an achievement which should be reflected on a global scale, holding a borderless technology to the same standards of consumer protection around the world. Regions such as the US, MENA, and APAC boast enormous technological innovation and have had their share of data privacy concerns and crises. The reaction to these issues must be swift, efficient, and supported by regulation.”
GDPR Compliance Is More Than Just About Technology, It Touches Every Business Process and Person
Katherine Noall, CEO of Sphere Identity, a global self-sovereign digital identity management platform, said, “A year on, GDPR has been a great start for improving the data protection rights of citizens in the European Union, especially in its improvement of existing data protection directives by adding clear requirements for breach reporting and fines. However, while these fines to date show protection for those citizens within the EU, the protection of their global data rights has yet to be demonstrated.
Aside from this, one of the crucial aspects that needs to be improved upon is the process of breach reporting––this needs to be more automated with the initial assessment being carried out by technology. While we will probably not reach a state where data breach fines are printed at the rate and ease of speeding tickets, a move in this direction is needed if the legislation is to work.
As a whole, GDPR compliance is more than just about technology, it touches every business process and person. It is no longer sufficient to appoint a Data Protection Officer and be compliant, but instead requires a willingness to make major changes and perform ongoing monitoring and optimization.”
To Better Manage GDPR, Focus on Emerging Data Privacy and Security Technologies
Simon Harman, Co-Founder and Project Lead of Loki, a privacy foundation which allows users to transact and communicate privately over the internet, said, “While proactive regulation may well have a part to play in protecting individuals online, emerging technologies may grant a more practical way of regaining control over the flow of information online. The rise of blockchain technology in recent years has shown only some of the potential of distributed networks and decentralization. By eliminating the need for central servers and service providers, these technologies have the potential to remove the control of consumer data from the hands of third parties and service providers, meaning compliance with forward-thinking regulations like GDPR is simplified, and consumers have greater certainty about their digital lives.”
Simon continued, “If protecting data privacy is something which has been recognized as a priority by consumers, it is time for the technology community to consider more innovative solutions that can address a challenge this complex, and to discuss data privacy in a new light. We should move away from the assumption that consumers are incapable of protecting themselves and give them some options to control their own digital lives by harnessing the power of existing and emerging security technologies. Through clever user experience design and a minimal amount of consumer education, it is possible for the average user – not a government or corporation granting them ‘digital rights’ – to empower themselves to protect themselves online.”
AI and Blockchain: GDPR Data Analysts Need to Find a Common Ground to Optimize Efforts
Matt Luczynski, CEO and Founder of Travala.com, the leading blockchain-based hotel booking platform, said, “In recent years, the collection and use of data to tailor service offerings based on consumer habits has been a growing phenomenon. As online service providers handle high volumes of personal data every second, ranging from names, email addresses, credit card details, passport information, and even biometrics, how they handle this data is vital. In businesses where data is willingly exchanged for greater customization, GDPR presents an opportunity for newcomers and established industry players to demonstrate a commitment to their consumers. By remaining compliant, online service providers can espouse greater responsibility, transparency, and accountability in how they manage sensitive consumer data, leading to enhanced consumer confidence and brand loyalty.
Matt added, “However, it’s crucial to remember that remaining lawful is a two-way street European regulators need to ensure that they’re providing enterprises with the necessary resources to stay compliant. Regulations will need to keep apace of new innovative models of data analysis and data gathering, along with emerging technologies such as AI and blockchain, as they gain prominence across multiple industries.”
Refer to Various Case Studies on GDPR’s Legal Challenges and Amendments
Tara Annison, Technical Product Manager of the PR9 Network, a real-time institutional trading and settlement platform for blockchain-based assets held in cold storage, commented, “Ahead of the implementation of GDPR last May, there was a lot of fanfare surrounding the paradoxical relationship between blockchain and GDPR, however the two are not as incompatible as many people first anticipated. It’s still early days and, as we know, the law of the land moves slowly so I would caution against any blockchain-specific amendments to GDPR at the moment as more time is needed for the regulation to bed in and for technologists to explore it fully.
Tara added, “Over the last 12 months data breaches, security scandals, and hacks have dominated the headlines, resulting in the public beginning to sit up and take note as to how our data is harvested and used. What we’re starting to see now is data owners asserting more control over their own data — just this week the first major legal challenge against the use of facial recognition technology was mounted by a man in the UK and I suspect this will begin to emerge as a wider trend throughout technology, rather than a blockchain-specific one.”
GDPR can be Simplified Using Blockchain; Facebook Should Have Used It!
Jehan Chu, Co-founder and Managing Partner at Kenetic and Co-founder of Social Alpha Foundation, a not-for-profit grant making platform focusing on social impact initiatives and projects, said, “User data is the new oil and every person in the world is a massive fountain of value. But as we have seen with the recent Instagram hack, the largest companies are woefully unable to secure our data and protect our privacy and value, and GDPR is simply an attempt to band-aid the gaping wound of data exposure. Blockchain technology is the tool to give users control over their own data, and the ability to restrict, share, or monetize it as they choose. While the technology is nascent, it is clear that secure, transparent but privacy – enabled blockchain solutions is the ultimate direction companies like Facebook will rely on to avoid major hacks in the future.”