I’ve been following the passage of GDPR from ideas to law over the last couple of years, and I’m convinced its effects will be far reaching, and extremely disruptive to the industry I work in, but also any industry that collects and processes data around customers.
I started chatting with a friend Maik, and we’re now testing to see if there’s interest in an event around it, that we’re calling OMGDPR.
Okay, what is OMGDPR?
OMGDPR is the working title for an community-run, open space event, in Berlin in late March/early April for practitioners who build digital products or services, to learn from each other about GDPR will affect their organisation, and by extension, how they work.
Wait. You keep saying GDPR. What’s GDPR?
GDPR is the short name for the what’s being referred to as most the important change in data privacy regulation in 20 years, and stands for General Data Protection Regulation.
I’m going to cheat here and use wikipedia’s summary of the changes to the law:
“The proposed new EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. It provides for a harmonisation of the data protection regulations throughout the EU, thereby making it easier for non-European companies to comply with these regulations; however, this comes at the cost of a strict data protection compliance regime with severe penalties of up to 4% of worldwide turnover.”
The GDPR also brings a new set of “digital rights” for EU citizens in an age when the economic value of personal data is increasing in the digital economy.
The key takeaways are:
- citizens have a new set of digital rights (like a right to access to data kept about them, right to erasure of data held, and so on)
- the changes to the law have teeth – the fees for non compliance are sufficiently high to threaten the existence of a company that continues to break them
Wow, ‘threaten the existence of a company’? Now I’m interested.
The changes to the law arrived in late May, and they affect every company in the EU, but loads of companies, particularly smaller ones aren’t really prepared for it yet.
There’s also lots of FUD (Fear, uncertainty and doubt) around, so our intention was to create a space to let people talk about it in a relatively welcoming, safe, informal environment so they can see what they need to do if they haven’t had the time to think through a response to it.
Likewise, we’re hoping there will be a chance to learn from others who have had a chance to look into it, and would like to see more organisations treat personal data with the respect it deserves.
Okay, how do I find out more?
The easiest thing to do is try filling out the form below that we’re using to gauge interest – we’re aiming to run the event along open space principles, where people:
- bring the topics they’d like to discuss
- autonomously form into groups to discuss the topics that they are interested in
- report back what they learn for the rest of the group to reflect on or capture
- leave the event, with a clearer idea about what they might do
Here’s the form:
Okay, that’s it – if this interests you please give the form a go, and if there are typos or missing questions, do please let me know.