GDPR and Sovrin – Sensitive Data Elements
GDPR is getting everyone’s attention from the C-Suite, through legal, and into engineering. But the discussions that I have been observing are largely about theory and not about practical steps that can be taken.
Quick video here describing what’s going on for those of us that prefer video:
As a consultant and investor I focus on concrete deliverables.
Academic, theoretical, and whiteboard discussions are fantastic but they don’t deliver results that can be measured and seen.
When discussions about GDPR and Sovrin suddenly went from abstract to concrete I jumped in to start assisting. In this case a gentleman named Paul Knowles (LinkedIn) took a discussion where approached for blocking/locking out attributes (theoretical) could be applied to a well-defined list of sensitive data elements. Paul’s efforts have started to get a list of the types of data that an EU-citizen would consider sensitive so engineers, developers, architects, lawyers, etc. can all begin considering what it would mean to fully comply.
On a related note there is a great podcast episode from a16Z that provides some great business and technical guidance. Combine that the list that Paul has started and we have immediately actionable and practical steps that companies can take.
The biggest thing I see happening here with GDPR is that the relationship with our customers and clients is changing – in a good way. Instead of surveilling (cookies, login tracking, and other nastiness) we’re establishing a relationship of respect, where the customer controls what is shared, and businesses work to build and maintain the trust.
As always, reach out if you have any questions. Join my newsletter if you want to be kept up to date as well (it’s every couple of weeks and short).
[update 2018-04-23 – put link in for a16z podcast]
Also published on Medium.