GDPR is Eating the World - Part 2

You’ve heard it all before. 

  • Software is eating the world 
  • Data is the new oil
  • Monetize your digital assets


You believe how well a company uses and manages data is the key to 21st century competitiveness.

You might have even sent some colleagues a link to Andreesen’s Software is eating the world article.  No response. Many of us have fallen into the same trap. 

"Better, faster, cheaper doesn’t sell – With a world suffering from information overload, no one’s buying." 

Bottom line: With a technical value proposition, you must show, not tell.

Imagine if Henry Ford had sold his first car based on a pitch about his assembly line. Wouldn’t have gone over so well. Instead, he used assembly line’s technical value proposition (remember there were over 100 car manufacturers at the time) to create a car at a new price point. Instead of better, faster cheaper, the value proposition was –

“Now you can afford the same transportation as the rich”

What does this have to do with GDPR?


With 99 recitals, GDPR does many things, but a core underlying concept is Privacy by Design. What this means is that organizations with EU resident data need to design in privacy from the ground up. In other words, companies must get (a lot) better at controlling data. 

Unfortunately, this is just another version of the better, faster cheaper story: It doesn’t sell either to customers, or to other executives in the company.

Think about it – if your organization gets much better at handing data, what else can it do?  

If you’re a b2b marketing or financial payments company, you could extend your offerings to include data governance for your customer’s customer data. 

“Now you can afford the same data governance as the rich companies”

If you’re a commercial banker, you could avoid regulatory fines while finding the experiences millennial crave and create richer, experience-based customer engagement with your payment solutions.

“Now you can afford to be treated with the experiences you deserve”

The point is, even though ignoring the operational risks I mentioned in Part 1 of this article could land your organization on page 1, that pitch doesn’t win you friends (or customers) either inside or outside your organization (except, perhaps your CFO).



A better approach for legal, compliance & operational professionals

is to attempt to partner with the business to create new customer engagement, with richer experiences, more personalization and attack or create new markets with new business models. Like going to the gym, universal data governance is building new muscles and endurance. But sell the hike to Machu Pichu or the new girlfriend, not the long trips to the YMCA.


GDPR presents a trigger point: Don’t fall into the better, faster, cheaper trap. 

There’s a sad reality though –  most people who buy gym memberships never set foot in the gym a second time. The same is true with data governance/GDPR compliance. Given the short term thinking prevalent in so many organizations, many executives in these organizations are not interested in the heavy lifting required to put data governance in place as a catalyst for richer customer engagement and access to new markets. 

In that case, the right time to push for GDPR compliance in operations will be after the front-page article comes out, or after the organization is disrupted by digital natives like Amazon or Apple. At that point it will be too late of course…


This is the second part of a 2 part article on GDPR. You can find the 1st part here.

Learn more about how to how to solve for GDPR through automation at