As legal professionals, we are constantly diving into the deep end of the compliance issues related to GDPR, looking at the specific rules of law, fields of applications and meeting the imposed requirements. When you are that concentrated on applying the rules, it can however be easy to forget why those rules were drafted and how this not only concerns us all professionally, but also as consumers in our private life.
The contrast with the days when Convention 108, the first legally binding international treaty on data protection and privacy, was first rendered official back in 1981, could not have been much clearer. Little did the people writing those texts know to what extent the digitalization would pick up speed over the next decades or could they have imagined the way that businesses and society are now being driven by data. This means that there is a lot of commercial value attached to it, which will attract the attention from anyone trying to enrich themselves.
To raise awareness and inspire dialogue among people about the importance of the principles of privacy and data security for both individuals and companies, every year on 28th January, the signing of this first convention is commemorated around the world.
Why it is (still) relevant
Whether thinking as the individual you are or as the organisation you represent, there are some core values to consider.
Putting our “individual” cap on, some values that come to mind are universal principles as respect, trust and freedom. Every human being has got something that they would rather not have known to the world, ranging from small habits and possibly embarrassing activities, to medical history, religion or political convictions. The right to choose when you share what kind of information and with whom, is intrinsic to our basic human social needs and to the notion of freedom. If you have no control whatsoever on the type of personal information that can be shared with someone else at any given time, this could very easily make you limit or change your behaviour in an attempt to comply with what is expected. This principle applies to all people, regardless whether their behaviour is driven by good or bad intentions, nobody wants their secrets out there.
When putting our “company” hat on, the privacy of your customers should matter enough to you to show them that you respect their personal life and their individual identity. Clear communication and transparency about what kind of information you collect and how this is processed or stored, makes you earn your consumer’s trust. Make sure to put sufficient effort into safeguarding the personal information in your business records, as obviously, cyber-attacks malware and phishing actions are on the rise.
One thing that concerns both individual consumers and organisations, is that any personal detail can be important for your reputation at a given moment in time. Staying on top of things proactively, will enable you to more actively manage your reputation and limit or avoid any damage done to your image in the future.