|
|
|
|
|
|
by existencebox
2972 days ago
|
|
|
Context: I'm currently responsible for GDPR compliance within a small corner of a Very Large Company. I'm going to avoid making a statement about GDPR as a whole or about the OP, but I will say that I don't think large companies having an advantage at this phase is "bullshit." One specific aspect of GDPR seems a good example of this. Third party data processors. If you use various third party products that provide tracking, testing, or other shims, you're responsible for ensuring export and delete of any PII associated data that flowed to those channels as well. Now, you can say the response is "if your partner doesn't have responsive channels, you have to pull the data" to make onesself compliant, but BigCos have the implicit advantage of being able to push the other direction, and get systems/functionality built into the third party product to allow them to be supported easier. The amount of face to face time, support, and "deep touch" I can get with third party companies when compared to prior smaller corps is very apparent to me, and I'd be lying if I said it didn't make my task of ensuring GDPR compliance easier. Whether that translates to "more power", I don't know. But it's certainly an enabler. |
|
|
while small companies don't have the big legal teams, they can just hire a consulting firm to go over it with them. they also have the benefit of being nimble, having smaller dependency trees, and typically using 3rd party tools which will generally implement this tooling anyways since their customers will likely need it. BigCo likely did a bunch of roll-your-own projects that have become black boxes over time.