GDPR..

Don't Leave It To
GDPR
Lawyers!

1
Background://
Late nineties > existing legal frameworks pertaining to data
protection proved to be total jokes
People understood that if they were not paying for the product, they
were the product
In 2010, total mistrust between the USA and Europe

2.1
Regulation://
European Data protection Directive (1995)
International Safe Harbor Privacy Principles translated in 2000
into the EU Safe Harbor Decision
EU-US Privacy Shield (2016)

Regulation hiding massive imbalance of power

Leveraged especially by American West Coast companies
accessing quasi unlimited funding from non risk-averse VC firms
no need to break-even neither in the short nor in medium run

Incredible global growth & unquestioned leadership of the Big

Four (GAFA) providing us with vast amount of “free services”
2.2
Commerce://

To gain competitive advantage, the USA have been distorting for

years international commercial laws against their European
supposedly partners (cf. BNP Paribas, Crédit Suisse, UBS, etc)

The USA have been extremely flexible with their national

companies in particular those having triggered the 2008 financial
crisis. 2.3
Problem://
Data Protection and Privacy > highly complex matters covering
legal as well as technical, societal, economical, philosophical and
even ethical aspects
However, lawyers took control of the debate

System rigged
Certifications require to have a very good legal background
Data Protection Officers
Private Sector = fuses acting as smoke screen
Public Sector: conflict of interest when selling services
3.1
Data Portability://
“ The data subject shall have the right to receive the personal data
concerning him or her, which he or she has provided to a controller, in a
structured, commonly used and machine-readable format

json format ideal for data portability

however without gigantic efforts, people not be able to get a clue
of what’s in
HTML is much better as human readable format; too late! Both
format should be proposed in the export

3.2
Implementation://
“ the EU Court of Justice confirms the position of Schleswig-Holstein
data protection authority, namely Administrators of Facebook Pages are
controllers under EU Data Protection Law

Lawman "logic" complete non-sense

Facebook never ever denied being FULLY responsible for the
platform
Pandora's box opened less than 2 weeks after enforcement

3.3
 Solution://
Nothing against lawyers who are instrumental to sound & optimal
development and implementation of data protection frameworks
BUT

seasoned executives should steer all data protection-related

initiatives and take the lead as CXOs in companies
Individuals will very transverse profiles covering finance, digital,
human resources, legal, procurement, marketing and other
bodies of knowledge

manage the successful transformation from a “You’re the product”

paradigm towards a “Your Data Your Asset” environment
4
Articles on
LinkedIn
Medium 5