The GDPR aftermath; your compliance from 00 to 0000

Following up on the earlier post on how GDPR is Y2k’s legal party sibling (as here and here), an evaluation – mid-term, mostly, re your compliance…:

  1. You shouted loud enough. Right. That’s the Y2k escape claim in full force and colours. And untrue. The skies haven’t fallen in like they would have with the renewal of the millennium we live in, but a. things did go wrong, back then, and b. this time, non-compliance isn’t that obvious so your claim may fail, as shown in the next option:
  2. There’s all sorts of under water non-compliance and you just haven’t been found out …yet. This is the dangerous one, where most of you will be…;
  3. You actually are compliant and need not worry at all about possible audits, fines, etc. – that would be miraculous ..! Certainly since this.

So, all of you: Option 2 it is. ‘tMay now seem to just have been yet another law flying by to become and stay compliant with, but … are the professionals who do truly care the only ones that care somewhat, still ..?
Unfortunately, ‘privacy as a competitive differentiator’ hasn’t caught on. New-style-awareness hasn’t caught on.

Also, some sobering up thanks to the above, hasn’t caught on. “The probability that a certain person be stupid is independent of any other characteristic of that person.” is a law of nature [per here]. Demonstrated yesterday at some gathering. Some scaremonger-sputtering by lawyers that did not show too much exposure to praxis i.e having to implement real solutions, the kind that do something. Stories much detached from reality and from actual insights; nice among academics maybe [suspecting any half-decent true academic would FLAK the castles in from the sky with ease – just shoot some shot in the air and some of their ‘logic’ [quod non] will fly through it. But with zero answers, or general directions for solutions that one can see from miles away [that’s how far from implementable they stand] already the sketches of design of solutions from them, inherently cannot work.
Including the all-time favourite “One should have that conversation”, presented as the solution already. If you wondered: Yes the ‘conversation´ demonstrated, proved that that is false.

Leaving those that still care somewhat, at a loss.
The only gain so far, being the extension of infosec people their insights into what ‘awareness’ should entail, and how one should engineer campaigns re that. Tying into psychology ewww! including sociology. New terrains, easily mastered, but with the science (??) origin, Awareness CampaignsDraftWorkingPaper yet fully developed …
Didn’t I post already somewhere that betas typically understand, gain insight in, master alpha sciences easily when needed, but the other way around, not so much? Same, here. Case-resting obvious.

Oh well:

[Your Right to Erasure; National Gallery of Art / sculpture garden]

Leave a Reply

Maverisk / Étoiles du Nord