Content Copyright © 2016 Bloor. All Rights Reserved.
On occasion I have had to take vendors to task for over imaginative marketing of their various products. SAP is probably the most egregious current example of this with its over-hyping of HANA but at least that’s just a single product/company. However, in the more than twenty years I have been an analyst I have never faced such a deluge of stuff as with GDPR (general data protection regulation).
Some of the things I have seen written about GDPR are sensible, some is self-seeking, some is misguided and some is downright appalling. Most of them fail to discuss the issues that need to be addressed from a technical perspective.
The worst thing I have seen was a simply awful press release from something calling itself “The Center for Data Innovation”. This effectively congratulates the UK for leaving the EU on the basis that the UK will now be able to escape (I paraphrase) from the dead hand of European privacy restrictions. As you might expect, the organisation is American (though I suppose Russian might be another possibility in this context). My immediate reaction was to wonder if these are the same sort of people who don’t believe in Darwin. In any case, the press release is just plain wrong.
Most of the rest of the stuff I have seen about GDPR falls into two categories. Either it’s from legal eagles, who obviously think (no doubt rightly) that they can make a bunch of money out of GDPR, or it’s from vendors who are offering a “solution”. Let me knock the latter on the head: there is no single solution or tool that will resolve all your GDPR issues. Even data masking and anonymisation, which some suppliers (those who sell data masking) seem to think is a silver bullet, is only a partial solution at best: you can’t, for example, do one-to-one marketing if data is anonymised.
The truth is that complying with GDPR will require a strategic approach and, by definition, strategies require more than a simple assemblage of tactics: they require a more holistic vision. We have a paper, currently in draft, that explores the data management implications of GDPR in some detail. Multiple tools and techniques will be required for organisations seeking to comply with the regulation.