GDPR — the Glory Days of Personal Rights?

The clock is ticking: European companies have got until May 25th this year to establish new systems to go with the new General Data Protection Regulation (GDPR). Basically, this new law aims to enhance the privacy of EU-citizens by demanding a lot more from companies in terms of handling personal data. You should no longer be able to stay in a data base for years without your consent or denied access to any information that regards you — way to go!

There could not be a better moment to ask yourself: just how attentive are you to your integrity? We’re currently helping ourselves to apps and programs with such an appetite that accepting terms and conditions has become highly de-dramatized. We accept them on reflex; unless willing to spend half our days scrolling through masses of minuscule, excessively formal text (right?). The same carefreeness goes for sharing our personal informations. And it’s really no shocker — our surroundings constantly ask us to identify ourselves, and how else would we do it?


Well, we do imagine other ways. We’re surprised that a society that’s gone through such a remarkable development in technology still uses the old-fashioned YYMMDD-XXXX as go-to identification system. We obviously need something more profoundly customized than a ten-digit number to identify us — a social DNA impossible to replicate, waterproof for any unauthorized use. Something universal that spares us from constantly being a tad too generous with our personal details.

”We’re convinced — it’s not far away.”

What if all we needed to identify us in every social context were our iris, a finger print or the simple tone of our voice, encrypting all our personal details and eliminating the risks of identity hijacking? We’re convinced — it’s not far away. The technology for such identification is already upcoming, currently being used for unlocking smartphones and simplifying personal logins. What’s  to say that we could not take it one step further and use it for social and professional purposes, such as sharing personal informations with your employer just by the touch of your fingertip or accessing to your bank by nothing but an eye glance?

One step closer could be through alternative services such as Google Authenticator; a software that in addition to username and password requires a third part device receiving a verification code to complete the login. This additional step already cuts back the risks of misuse. Still — always curious — we can’t help but to play with the thought: what holds the key to that one discovery that could lift a system from its 99,9% of safety to those 100% that we’re aiming for? Two-step verification is effective although we need to keep in mind that it still gives access to anyone getting their hands on the right numeric information; it’s just making it harder to get to it. How can we create identification systems so smart and delicate that they don’t validate logins based on the right password but on the right user?

There’s always a hook: the more refined and personalized we want our systems to be, the more details we’re going to need to define about ourselves. Some people cringe to the thought of registering their fingerprint, iris or voice by the uncomfortable feeling of being systematically analyzed or even tracked. It’s been more artificial to digitally exist only as a number; it’s less incarnating the real you. Digits are only symbolic while a fingerprint would be concrete. We’re simply going to have to ask ourselves just what price we’re willing to pay for social safety, for integrity — or if we’re even going to need to pay at all. The truth is: if we’re already sharing our fingerprint with our smartphone just to quicken our log-in with two seconds, why would we find it more disturbing to use it for a bigger purpose?


GDPR is going to be a game changer when it comes to work-related integrity. It’s going to give us the right to insight; in some cases to even say no. The right to be forgotten. But it’s not going to be your golden ticket to water-proof integrity — not yet. The beauty of GDPR is that it will raise the subject of the right to integrity, simply because companies have no choice but to ask themselves the question. And the questions won’t stop there. Not until we’ve come up with the solutions to answer them.