Galactic Dangerous (im)PRobability


25th of May. Towel Day has been celebrated on this day since 2001, and GDPR, the EU regulation on data protection, applies as of today. I would start with the phrase on the cover of The Hitchhiker’s Guide to the Galaxy:


It’s not going to be bad. Definitely, it’s going to be challenging for some of us, but it’s not going to be a big problem. In short, GDPR says only this: you have to…

  • know where personal data is stored and keep it secure,
  • publicly explain why you store personal data and how you are using it,
  • ask your users first,
  • respond to a request to get or delete all data about your users,
  • and automatically remove all old data you don’t need.

(Use GDPR checklist, for example, if you need a more precise list.)

It’s not bad, or is it?

For me, it looks like common sense. Usually, you need to do almost nothing. Many of those restrictions have been valid for a long time. GDPR just brings a few new things, such as:

  • it’s valid for all companies processing data in the EU,
  • it brings high penalties (but only for big companies, and anyway you will get a notice and time to become compliant with the law!),
  • consent has to be clear (until now it could be hidden in legal terms),
  • and there is the right to be forgotten, together with data portability.

In the end, the only problem is the last point, the right to be forgotten, as it comes with some technical challenges. A typical company can just deploy a form, for example GDPR Form, and process incoming requests manually.

The only issue is for bigger companies with technology like Kafka or blockchain, where user e-mails or other personal information have historically been stored instead of some random hash, or with backups on tapes or other backups where the backup files cannot be changed.
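The “random hash instead of an e-mail” idea from the paragraph above, as an added example that is not part of the original post: the immutable log stores only a random token, and an erasure request deletes the token mapping from a separate, mutable store. The class names `PseudonymVault` and `AppendOnlyLog` are hypothetical, and the sample e-mails are constructed.

```python
import secrets

class PseudonymVault:
    """Mutable side store: the only place where token <-> e-mail is kept."""
    def __init__(self):
        self._email_by_token, self._token_by_email = {}, {}

    def token_for(self, email):
        if email not in self._token_by_email:
            # Random token, not a hash of the e-mail: a plain hash could be
            # recomputed from a known address and would still identify the user.
            token = secrets.token_hex(16)
            self._token_by_email[email] = token
            self._email_by_token[token] = email
        return self._token_by_email[email]

    def resolve(self, token):
        return self._email_by_token.get(token)

    def forget(self, email):
        """Erasure request: drop the mapping; returns False if unknown."""
        token = self._token_by_email.pop(email, None)
        if token is None:
            return False
        del self._email_by_token[token]
        return True

class AppendOnlyLog:
    """Stand-in for a Kafka topic or a chain: append and read, never edit."""
    def __init__(self):
        self._records = []

    def append(self, record):
        self._records.append(dict(record))

    def records(self):
        return [dict(r) for r in self._records]

def demo():
    vault, log = PseudonymVault(), AppendOnlyLog()
    # Constructed sample events.
    events = [("alice@example.com", "login"), ("bob@example.com", "login"),
              ("alice@example.com", "purchase")]
    for email, action in events:
        log.append({"user": vault.token_for(email), "action": action})
    before = [vault.resolve(r["user"]) for r in log.records()]
    erased = vault.forget("alice@example.com")
    after = [vault.resolve(r["user"]) for r in log.records()]
    return before, erased, after, log.records()
```

The vault itself has to live in storage where deletion is possible, which is the same constraint the post raises for backups that cannot be changed.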

Companies have to fix how they process personal data, and I think it’s a good thing, as security is tough and complicated, and privacy is very important. We have many leaks. It’s good to bring in strict rules with a high penalty so the Internet can be more secure and support privacy.

I will ask you a question: would you like it if a restaurant had a dirty kitchen? Of course not, and there is a law to protect you.

Another question: would you be pleased if companies could track any information about you without your knowledge and share it with anybody? For example, a mobile operator and the history of where you have been? Well, they do that. GDPR is what gives us the right to know and be in charge of our personal data.

Until now, companies were like, “How much data can we trick people into giving us? We’ll figure out how to use it later!” Now that is no longer accepted, thanks to GDPR.

One important note: when some company starts to block EU citizens because it is not able to be compliant with GDPR, it means it is doing something very wrong, and that service should be avoided in any part of the world. Because when even companies like Google can be compliant…

Let’s end it with a joke:

“Do you know some expert on GDPR?”
“Cool, can you give me his contact?”

And, of course, DON’T PANIC!
