The short answer is – yes … but …
Ironically, we read much about data confidentiality or the breach thereof concerning one’s personal affairs, including egregious violations, made easier by so much being available and our having to do things online, and the ability of some to get at that data and use it wrongly and without permission. But in recent months, I have noticed increasing constraint concerning the way data is handled that does affect us all and has affected me in a number of ways:
- Some of the files that are shared with me though email etc. are now password protected.
- Data is not being shared among partners as it once was e.g. in my work among the homeless.
- I am getting letters from organizations, whose mailing list I am on, asking whether it is ok to continue (and presumably if I don’t respond I stop receiving – even stuff I welcome).
My initial reaction in my grumpy dotage has been “give me a break” and I could do without the hassle. Moreover, on a professional basis it has added barriers to potential productive partnership working.
When “Googling” in order to find out more what is going on, I found responses like: “The EU’s General Data Protection Regulation (GDPR) was introduced to unify all EU member states’ approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU. It will protect EU citizens from organisations using their data irresponsibly and puts them in charge of what information is shared, where and how it’s shared. The GDPR is due to come into force on 25 May – and even though the UK is due to leave Europe in the next 12 months, it will still apply to all businesses handling EU residents’ data, effectively replacing the Data Protection Act 1998. Complying with GDPR is vital. Any business found not sticking to the rules could be charged fines of up to €20 million or 4% of the company’s global annual turnover, though the toughest fines will be reserved for the worst data breaches or data abuse.”
When I asked my Facebook friends their opinion so I can formulate my own response and be able to write on the subject intelligently, two of the (personally) helpful replies that I received were:
- I think it was the late Chuck Missler who made the argument that as a society becomes less Christian, it needs more and more regulation to prevent behaviours which would once have been almost unthinkable. I believe we are seeing a gradual withdrawal of “common grace” and when it diminishes far enough, western society will fall.
- GDPR will indeed affect what we do as churches and as volunteers. Basic rule of thumb is don’t use anyone’s “data” without permission. Trickier still, if you have the information for one purpose, you can’t use it for another, without explicit consent.
I suspect inaction is not an option as far as I am concerned. While I would like to think pragmatism, good will and common sense ought to suffice, it is quite likely that when it comes to sharing information I would need to think twice and I could even be forced to send out “please give me permission to allow me to send out useful information on subjects specified otherwise if you don’t or I don’t hear from you I will stop” missives. I wonder too how much impact this will have on personal data being accessed and misused.
Making unwanted calls (I still receive these on an almost daily basis) or sending unwanted material (electronic and hard copy), should be discouraged but will it stop – I doubt it. I fear with GDPR we may have another case of a sledgehammer to crack a nut. But maybe there is a silver lining in this cloud, and it will cause us all to respect people’s privacy and their data that more – I hope so.