The GDPR: A Call For Compassion

For many companies today is D-Day: the GDPR (General Data Protection Regulation) is effective as of this date (25 May 2018). For me, this day holds a call for compassion.



Unless you are using the Internet without an email address (is that even possible?), over the past few months you may have received numerous emails about privacy policy updates and/or asking your confirmation for newsletters that you have been receiving already. Yes, those were all related to this new European law, and yes, it is recommended to have a look at each and every of those messages. If only to take your inbox through a bit of Spring cleaning and finally opt-out for those newsletters you never read anyway! (Ehm, you read mine though…right?)


As much as companies have prepared themselves for this new regulation, or tried to prepare themselves, we still live in an Universe of infinite possibilities. So, as I am writing this post, a BBC article reports that “[a] number of high-profile US news websites are temporarily unavailable in Europe after new European Union rules on data protection came into effect.” No surprise there. No worries either. Take a breath, and read on.


Naturally, I’ve had to do my part of preparation for this new regulation as well. Therefore, an updated version of this site’s privacy policy can be found here and is always accessible through the footer of each website page. I haven’t sent out a renewed request to confirm your subscription to my newsletter or blog updates because all of my subscribers have opted in knowingly, and the option to unsubscribe is always available at the bottom of each mail. Still, if you’re reading this and have questions about it, or wish to give me feedback, please do so by leaving a comment (below) or mailing me at pauline [at] business


The Call For Change

The GDPR entails a change. For most companies it entails a change of their privacy policy, for many companies it means they have to appoint a data protection officer (DPO), and for all companies it invites a more mindful approach (quoting The Economist):


“Mastercard, for instance, has built portals for card holders to check what data are being kept. Efforts of this sort have made the company “more mindful” about how it treats personal data, says JoAnn Stonier, Mastercard’s chief data officer. Such mindfulness will spread. Firms have to make sure that businesses from which they receive personal data, and ones to which they send such information, are also in compliance. The idea is that the GDPR should become self-policing.”


Change usually feels like a pain in the butt at first, but we all know that – eventually – we will get used to this new approach to dealing with personal data online. We might want to invite some compassion, though.


The Call For Compassion

To me compassion is an act of love where empathy and sympathy are being put to practice in order to relieve suffering.


In the case of the GDPR, our suffering used to consist of not knowing what companies were doing with our personal data online (before 25 May 2018). Our current suffering, however, consists of a flood of emails about privacy updates, several law regulated changes that we have to make, and the fear that we’re still overlooking a part of the GDPR – which could possibly lead to a fine.


Okay, let’s take a deep, deep breath and invite some compassion here.


As much as the required changes may feel overwhelming at the moment, a compassionate approach means dealing with the issue as best as we can deal with it NOW. It means not judging ourselves for what we don’t yet understand, nor judging others for a different tempo in this change. With continuous awareness, the required adaption follows the flow – that too, is a Universal law.


There’s the bigger-picture-point-of-view as well:


As I have stated before, I perceive the Internet as a new part of society that – in our ignorance and process of growth – has been de-humanized on many levels. More recently, though, we are (re)awakening to the Internet’s capacity to connect us on a human level as well as the known technical level. In my view, the GDPR is an important part of this growth and awakening process. The regulation emphasizes a more understandable way of communicating which (parts of our) personal data will be used for what purpose. Thinking of how I usually glance over the policy statements that seem to have been written so that only lawyers really understand them, and simply continuing by ticking the box to agree with those complicatedly formulated terms and conditions, I welcome a change to better comprehensible statements. And when I write “I”, I don’t think I’m the only non-lawyer that never understood what she was actually agreeing to.


So, at the level of a more human Internet I see the GDPR as a contribution to that. Perhaps it doesn’t yet contribute to more clarification, perhaps it never will. What’s most important is that the intention for transparency and clarification is there. It’s a start. It’s a start to the introduction of an Internet where the elements of Love, Peace, Joy, and Community are more prevalent – it’s a start to a more compassionate world (wide web).




I started blogging mainly because of my interest in organizational cultures and (online) communications. Over the years it has become my passion to help professionals and entrepreneurs build their dreams, accelerate their results, and create richer, more miraculous lives.
No Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.