A GDPR lesson from Y2K, with duck sauce

May 21, 2018
  • GDPR
  • International Admissions and Credential Evaluation
  • Technology
  • Data
  • Data Governance
img_0690 Remember Y2K – the massive damper to our December 31, 1999, New Years Eve parties? A computer programming flaw -- the so-called "Millennium Bug," led to anxiety about "Y2K" (Year 2000): When complex computer programs were first written in the 1960s, engineers used a two-digit code for the year, leaving out the "19." As the year 2000 approached, many believed that the systems would not interpret the "00" correctly, therefore causing a major glitch in the system.

With the stroke of midnight came…nothing. By and large, it was business as usual.  Programmers, corporations, and people in general heaved a sigh of relief, though there were a few "told-you-so" smug smiles.

Y2K was to IT, what GDPR is for Data Protection and Hygiene

Recalling Y2K on its tenth anniversary, Paul Ingevaldson, former senior technology executive at ACE Hardware, noted that, “For the first time, companies realized just how critical IT was to business operations. At retailers such as Ace Hardware, for example, the rise of e-commerce had forged a direct link between downtime and lost revenue. There was no way they could not understand how important IT was to the company."

GDPR has been that kind of catalyst for data protection and hygiene: enshrining data protection as integral to the fundamental human right to privacy

While the U.S. Constitution is unlikely to change on this point, GDPR is an opportunity to consider how we use, process, store, and retain data.

In a whimsical rumination on developing an internal GDPR policy, Len Murphy, Vice President and General Counsel at PLRB, likened the data we collect to the condiment packets at a takeout counter: If no one is around to ask, we take what we think we might need, and perhaps a few more for a time in the future when we may want duck sauce. Those packets end up in the car, a drawer at home, or in our refrigerator until perhaps they are used, but more likely discarded.

May 25, 2018, when GDPR goes into effect, is a good opportunity to get rid of all of those packets of stale data you are holding onto for no clear reason -- and possibly without consent.