A group of data protection experts gathered this morning in central Edinburgh to discuss the next steps for data protection in Scotland.
Despite there only being 626 days until the GDPR goes past its honeymoon phase and becomes enforceable, the experts agreed that the large consensus is currently a bout of uncertainty due to Britain's impending exit from the European Union.
However, as Ken Macdonald, assistant commissioner for Scotland and Northern Ireland, points outs, the 626 days end before the predicted date whereby Britain will leave the EU.
This will mean that GDPR will happen whether we like it or not.
It's also pertinent to mention that Article 50, which will invoke the leave notice, has yet to be triggered.
Paulo Silva, a legal officer from the European Commission's data protection reform team, spoke on the rationale for the GDPR, which is to essentially “provide a modern European data protection framework” and consider things like the charter of fundamental rights within the Lisbon Treaty.
Silva said, “We're looking to put individuals in control of their data. We want to cut the red tape and provide a harmonised modern data protection governance system.”
And it would appear from the comments from the panels that the time is now for such a piece of legislation.
Zach Thornton, head of external affairs for the Direct Marketing Association, explained that his organisation had recently conducted research within which they found that trust in a company's ability to securely maintain their data is a primary driving factor in the decision making consumers make in sharing data with said company.
Thornton pointed out that, “data is the new oil” and drives so many sales, which is particularly important for companies to recognise.
Thornton said that 72 percent think sharing data is now somewhat of a new normal when it comes to interacting with companies, and 90 percent want more control, transparency and visibility of how their data is being treated.
Backing up Thornton's point, Gillian Docherty, chief executive officer of The Data Lab, said that millennials are, “almost too keen to hand over their personal data,” and questioned whether or not “Google knows more about millennials than their own parents do.”
The panel as a whole urged for preparations to be underway, and Ken Macdonald warned that, “Brexit will happen!”
Despite Steve Flockhart, head of information, assurance and compliance for cloud data company iomart, saying that being in compliance with the GDPR is cumbersome, he said, “It is well within our ability of being compliant, but it is important that we start preparing for it today.”