DailyPost 867


General Data Protection Regulations, GDPR, which came into operations on 25th May 2018, was to transform the landscape once and for all, given the two year window which was provided for it’s preparation. The quiet period since May would mean either the compliances were fully in place or that the GDPR compliance mechanism was still to come to grips with the regulations, it is mandated to enforce. But the self proclaimed success of the companies in becoming GDPR compliant hit reality check with the last week news of Google being fined $57 million for failing to comply to it’s regulations.

French regulators discovered that Google failed to get the consent needed for using certain user data in personalising ads. Google was not clearly presenting information about the way user data is handled and stored. It is also a fact that opting out of targeted advertising has been made a difficult process and the company has done precious little to sort it out. Google being a well managed IT behemoth with immense resources would be ideal to comply to the changed requirements. Google compliance page on its website states: “Keeping users information safe, secure and private is among our highest priorities at Google”. The general refrain now being if Google can be caught out, what about others in the pack; big and small.

Mercenary Monetisation of Data, has for long been the guiding principle, for that purpose tonnes of unnecessary data points unconnected to the transaction, has become the order of the day. The whole smart digital Infrastructure was designed and perfected for this purpose. Every sentiment of every is accounted for and every piece of user data is held hostage. How does the GDPR world get created? It is like rewriting digital commercial world once again.

Data handling practices in development still remain the same and so is the case in testing. “The GDPR calls for anonymization, randomized data, encryption and other protections, which data professionals will need to implement in a consistent manner throughout their IT Infrastructure.” The organization needs a process to detect loss and a plan to disclose it to customers. “Auditing activity, forensic analysis and communication plans have to be developed, practiced and distributed.” Have we begun?


Sanjay Sahay

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.

Scroll to Top