Sovrin, GDPR and Sensitive Data Elements
GDPR is getting everyone’s attention from the C-Suite through legal and engineering. But the discussions I have been observing are primarily about theory and not practical steps that organizations can take. Quick video here describing what’s going on with Sovrin, GDPR and Sensitive Data Elements:
As a consultant and investor, I focus on concrete deliverables.
I believe that academic, theoretical, or whiteboard-based discussions are great, but they don’t always lead to something that can be observed or quantified.
When discussions about GDPR and Sovrin suddenly went from abstract to concrete, I jumped in to start assisting. In this case, a gentleman named Paul Knowles discussed where organizations could apply approaches for blocking/locking out attributes (theoretical) to a well-defined list of sensitive data elements.
Paul’s efforts have started to get a list of the types of data that an EU citizen would consider sensitive so engineers, developers, architects, lawyers, etc., can all begin thinking about what it would mean to comply fully.
One of the most significant changes GDPR brings about is a shift in how businesses relate to their customers and clients. In a good way. Rather than constantly monitoring them (through cookies, login tracking, and other intrusive methods), organizations are starting to build relationships based on respect, where the customer controls what is shared. This shift is paving the way for a new era of trust between organizations and their clients.
On a related note, a great podcast episode from a16Z provides some great business and technical guidance. What’s more, combine that with the list that Paul has started, and we have immediately actionable and practical steps that companies can take.
Also published on Medium.