This post is also available in: Deutsch (German)
Translated with www.DeepL.com/Translator
As shown, elementary misconceptions and inadequacies exist in the current EU data protection law. The list could be continued for a long time. One reason for this is certainly that the law was obviously drafted by the data protection lobby. This can be shown by various examples, my dearest thing is the liability of the data protection officer: this is not regulated in the law: Honni soit qui mal y pense!
I am convinced, that with the GDPR, we don’t address the mos urgent data Protection challenges.
The law focuses completely on outdated principles and static measures. It is impossible to use principles from the 1980s to regulate today’s networked information society. In addition, the majority of users reject these rules. For this reason, it will be up to innovative minds to find solutions to the problems outlined here. Among other things, these can consist of using the mechanisms and procedures of Big Data Analysis to get a grip on the escalating data protection regulations. In the future, it should be possible to analyse contracts/TOUs as well as data protection declarations easily and quickly. There should be a rating system that allows us to immediately assess the impact (risks) of certain technologies on us (technology impact assessment). As shown, data protection is only one of many trends that are massively influenced by technology development.
Both organizations and individuals should be able to easily understand what data-related risks are. And when I talk about risks here, it is also about opportunities. Most of the technologies mentioned here will move mankind forward. We will be able to solve problems that seem almost insoluble to us today. It is already becoming apparent, for example, that a fundamental change is taking place in the area of energy delivery that is only possible with information technology. Mobility will also become more secure and much more efficient at the expense of traditional data protection.
We are called upon to incorporate the necessary control mechanisms into these new technology components. Security, or rather, the recognition of risks and conscious action is one of the most important challenges for the future. Data protection is an important social obligation, but it must be seen in the context of all other challenges.
The opportunities offered by the new technologies, as well as the experience gained in information management and information governance, have been completely neglected in the GDPR. Here it is necessary to do our homework and present a new draft law as quickly as possible.
As legislators, we are called upon to break new ground, to study developments in society closely and, above all, to understand what data protection means in a modern context. In my view, the basic principle of informational self-determination, as interpreted by data protection today, has died. It will have to be reinterpreted in such a way that it does justice to today’s and tomorrow’s information society.