Nism Unit 10
Published:
Reflections
During preparation for the seminar session, I started to think about the nature of GDPR aims, because the case I investigated, happened before the implementation of data protection and privacy laws. This meant that by today’s standards, the response to the breach was completely unacceptable- no affected users were informed and no other countermeasures were taken.
Following this line of thinking, during the seminar, I introduced my case study and asked ask the question, why did we come up with GDPR regulations? I followed this up by asking whether data has always been something valuable, confidential and sensitive, or did it only become worthy of that status due to changes in what we did with the data? Michael Justus suggested it gained an elevated status because of money (data fuels modern advertising and metrics), while the professor agreed and mentioned you can also sell data in bulk. I found this to be an interesting discussion.