The Real Cost of GDPR: Christmas will have to be cancelled

Your GDPR Questions Answered
6th February 2018
ACE Industry white bg
Construction Software and How to Monetize it
15th October 2018
Show all

The Real Cost of GDPR: Christmas will have to be cancelled

Tablet and EU Padlock with Yellow Stars

With the deadline of May 25th, 2018 looming, organisations are hustling to become compliant with the EU's General Data Protection Regulation (GDPR).However, it appears that the new regulations may have a completely unintended consequence. Yes, we're sorry to have to tell you this, but as a supplier of technology that enables firms to comply with GDPR - Christmas will have to be cancelled. It might have been the snow in London last week that turned our minds to Christmas and all the joy, bonhomie and gift giving (and receiving) that comes with it. But then, as our team worked on a GDPR customer case, the two realities came crashing together in one horrible and oh so vivid flash of realisation; Santa is not GDPR compliant.


Christmas 2018 is going to have to be cancelled!


It brings us no joy to have to tell you this, believe me. Nevertheless, the harsh reality is unavoidable.

GDPR, in essence, involves two checkboxes. If any organisation checks both boxes, then there are two consequences. Although it pains me to do so, let's work through this process for "Santa's Workshop Inc":

  1. If an organisation collects, stores or processes information on EU nationals, GDPR applies. It doesn't matter where the organisation itself is based. Santa' workshop may be based in Canada, northern Finland or Russia, but it doesn't matter. Santa's list involves quite a few EU citizens.

GDPR applies to Santa.

  1. Is the data 'personal'? Well, this is pretty obvious - Santa provides perhaps the most tailored gift-giving service in the world (sorry Mr. Bezos…) so if he's not working off a list that holds personal data then water is clearly not wet.

Santa works with personal data of EU citizens.

  1. If an organisation holds personal information on an EU citizen, that person is able to ask the organisation what information is held on them and the organisation must comply with the request. Now, seriously, has anyone among us, at any point, sent a letter to Santa's workshop and actually gotten a reply? No, thought not…this is strike 1 for Santa.
  2. Related to point 3, the person should also be able to request that the personal data held on them by the company is deleted. I'm not sure why anyone would want to do this, but nevertheless, Santa's Workshop Inc. isn't known for its customer support channel and accordingly Santa is unable to comply with any delete request. Strike 2.

That's it - Santa is clearly not GDPR compliant.

There is only one unavoidable conclusion to be drawn - Christmas 2018 will have to be cancelled. Sorry.
GDPR compliance is actually pretty tough for businesses - If you're not that worried about Santa or perhaps you don't even believe in Santa (what!?), but you'd still like to learn more about GDPR, check out this more detailed summary in our blog post Your GDPR Questions Answered.
10th May 2023

5 Reasons Why Web Applications Need a Software Licensing Engine

Dedicated licensing engine provides significant value and helps overcome complexity. In this blog we explain the complexity and how to solve it.
7th October 2022

How Centralized Software License Management Will Increase Your Revenue

License management is typically looked at simply as a cost of doing business. When done correctly, license management can be an engine of revenue growth, removing […]
18th August 2022

Cloud-based Software Licensing | The Modern Way

Every kid coming out of Harvard, every kid coming out of school now thinks he can be the next Mark Zuckerberg, and with these new technologies […]
11th April 2022

Software Licensing System – The Build vs. Buy Conundrum

To build or buy a licensing system – the huge question all growing software vendors will face. This blog will help you make an informed decision.
13th December 2021

Licensing As a Service – Why It’s the Modern Way of Software Licensing

Licensing as a Service, a new method of software licensing, offers flexible and effective means of monetizing software products quickly and easily.
20th August 2021

10Duke 101 – Understanding the Basics of 10Duke Licensing

A brief introduction to 10Duke’s Licensing Solution. We will go through its main concepts and how to integrate with 10Duke, including delegation of authentication, product configuration […]
12th May 2021

Software Activation – The Good, The Bad and the Modern

Software Activation is a technology that verifies a software product has been legitimately licensed for use. Learn how to do it effectively.
29th March 2021

Is Sharing Really Caring? Not If It’s Your Password

Password sharing may seem harmless, but it actually puts your business, employees and customers at risk. Find out why what you can do to prevent it.
18th February 2021

Software IP Protection – How to Protect Software Intellectual Property?

Software IP protection strategy is not just about limiting access. The best IP protection software also aims to enhance customer experience.

With the deadline of May 25th, 2018 looming, organisations are hustling to become compliant with the EU’s General Data Protection Regulation (GDPR).