EU General Data Protection Regulation is coming fast: There’s less than one year before transition period ends and regulation starts getting enforced. By now we’re all aware of the penalties: Up to 20 million euros, or up to 4% of annual global turnover, which can amount to much more. There are a lof of myths circulating, some panic, some doomsayers, and a lot of ignorance. Our software developer Arto decided to write a piece on this, from his perspective, based on current understanding of how things are.
I’ve seen two extreme approaches to GDPR. One typical claim is that the skies are falling, nothing can be done with data anymore, and nothing can be collected from users. The other extreme is saying: This does not apply to us, nothing will change. Both are wrong. Best protection is to get some more knowledge, and good place to start is to educate yourself. Read up on what you can. Some details will probably become more clear in years to come, but the big guidelines are already there. To keep this somewhat short, I will not be talking about organization level view, or existing software, but I will be concentrating on creating something new in year 2018.