Please sign in to get the most from this site.



1 comment

  • Sion Stedman
    Hi David, happy new year!

    Thanks for sharing these useful posts. It's been great to get advice and guidance from Act-On over the last few months, and it's great to have this community where we can all share ideas and information.

    For what it's worth, I appreciate the need for the GDPR in today's world and I value that the basis of the legislation is privacy as a human right.

    But whatever the ICO might be saying, I cannot accept that implementing compliant processes in a way that addresses four interlocking pieces of legislation (the GDPR, the Data Protection Act, PECR and the ePrivacy Regulation) is anything less than onerous – especially for large organisations with many data sources, CRMs, contact forms and so on. It is taking hours and hours of research and understanding to even know what the nuances of the legislation are, let alone design and implement processes.

    The trouble is that the legislation does not make clear what 'compliance' actually is. This may be deliberate in order to force businesses to err on the side of caution. However, it also means that prosecutions will probably be lengthy, expensive affairs and that too literal an application of the new regulations will cause significant damage to large sectors of the economy as businesses find they are unable to be compliant. This could be either because they simply do not understand how to be or because they are using systems that make compliance difficult, or both. A large amount of thought as to how the law in this area is managed and applied is essential.

    I would suggest an amnesty period post-May 2018, with no or low penalties for prosecutions in the first two years. This will give government, legislature, business and the general public the necessary time to learn how this complex area of law can be applied in fair and practical ways.

    Sion Stedman
    Idox Software Ltd
    Original Message:
    Sent: 12-27-2017 17:57
    From: David Fowler
    Subject: GDPR is NOT Y2K

    Some good insight from the ICO: 

    GDPR is not Y2K

    ICO Blog remove preview
    GDPR is not Y2K
    By Information Commissioner Elizabeth Denham I've been pleased to hear from many of you that the eight GDPR myth busting blogs we've run this year have been helpful in your preparations for the new legislation. There are still some myths out there though and, as we approach Christmas and New Year, there's one in particular...
    View this on ICO Blog >

    David Fowler
    Head of Compliance & Deliverability, Act-On Software
    Comment actions Permalink

Please sign in to leave a comment.