GDPR-day

The much anticipated (or feared-for) day has arrived: May 25th, 2018. Also known as GDPR-day, the day the new privacy regulation enters into force.

We have seen some changes already.

For one, our mailboxes have been spammed with a massive amount of consent-related newsletters requests. Also, most websites now provide you with the possibility to set your privacy preferences in just some simple clicks. In fact, these settings are (or at least should be) by default the most privacy-preserving.

Also privacy policies have been updated for all services, usually in a way that they are far more understandable. And of course there is now the possibility to easily request access to your information.

Great! All done, right? Of course not!

These are just the quick fixes that scratch the surface of the privacy obligations. The heavy lifting still needs to be done: systematically assessing and integrating privacy-preserving measures in all software systems that process personal data.