What has Bob Dylan, ethics in data collection and GDPR have in common? More than you think.

Yes, how many years can some people exist

Before they’re allowed to be free?

Yes, how many times can a man turn his head

Pretending he just doesn’t see?

Yes, how many times must a man look up

Before he can see the sky?

Yes, how many ears must one man have

Before he can hear people cry?

The answer, according to Dylan is blowin in the wind.

Bob DylanBack in 1962, Blowin’ in the Wind became the anthem of the civil rights movement. In fact, Peter, Paul & Mary performed it on the steps of the Lincoln Memorial in August of that year, a few hours before Dr Martin Luther King delivered his ‘I have a dream’ speech.

Years later, Dylan explained that the song can mean whatever you want it to mean. But there’s no getting away from the sentiment that it asks questions about what’s wrong with the world. And the solution isn’t that far away.

Fast forward to 2015 and here in Europe a major gust is heading our way soon. It’s called the EU General Data Protection Regulation (GDPR).

Of course Dylan wasn’t thinking about personal data protection when he wrote the lyrics to the song but many pressure groups, consumer protection lobbyists and those that value individual privacy over the rights of Governments and big business will no doubt feel these lyrics speak to their cause too.

But the lyrics also raise an important philosophical point. If we really want to change the world and make it a better place, we can do this without waiting for some piece of legislation to drop on the doormat, right?

Isn’t it enough to do the right thing because it’s the right thing to do? It’s about being in control of our own destiny.

Think about it. Technology shows what you can do. Laws and regulations tell you what you’re allowed to do. But ethics tell you what you should do. The European Parliament, European Commission or the Council of Ministers don’t even feature in that decision.

And that’s a point that’s perhaps getting overlooked as we pick apart in fine detail what will be –and not be – in the final version of the GDPR.

If you limit yourself to complying with laws and regulations, you get stuck at the level of a toddler that only obeys because it’s forced to do so, not because it wants to do so.

The word ‘compliance’ feels more stick than carrot, so I would question whether it can really move mountains and even make the world a better place. The word also presumes that perhaps we’ve been bad in some way and it’s time to change our ways and the only way to do this is by force; by complying with something that someone else has told us what to do.

How depressing is that?

Under GDPR, whether the financial penalty is 2% or 5% of annual turnover for a commercial company is actually irrelevant. It’s a big number. A quantum leap in the financial penalty stakes. And Supervisory Authorities across the EU know this is what ‘compliance’ actually means when it hurts companies into doing something when they’re not keen on changing their ways.

Compliance is also one side of the data ethics debate and at the end of the day companies should be able to convince customers to trust them with their data by being transparent, flexible and morally correct, not just by complying with the law or some minimum standard set by bureaucrats in Brussels.

There’s no turning back from here. It’s time to get with the programme. The rapid ascent of data mining has garnered lots of news headlines and not always positive. As companies seek to capture data about our ever changing habits, privacy concerns have flared all over Europe and beyond.

The reality is that every time you click on a website, post on social media, use a mobile app and comment via email or to call centres, your data is collected for future use. This has spooked millions of consumers, not to mention those that make the laws and regulations into taking action. And it’s not just a marketing or fundraising issue.

It goes much deeper than that.

But the answer to building a better world can’t be left to the law makers. Google, Facebook, Amazon and Microsoft take the most private information and use it to drive their empires.

But they should be leading, not following, the changes that are blowing in the wind.


Leave a reply