< Go back to Blog

GDPR Before It Was Cool

We all have heard of GDPR probably more than we would like to. However, what impact did its implementation had on the security and surveillance industry, and what do we think (and do) about it?

Mauro Peixe

Co-founder and CTO

Oct. 11, 2019, 11:19 a.m.

Even though it’s a bit settled down and forgotten already, we have all heard of GDPR probably more than we would like to. The whole buzz could almost be called a perfect example of unification - no matter the industry you were in around May 2018, the impact was felt, and the vibe of Something Changing was in the air. I believe it is safe to say that various kinds of security providers (in some ways - we are one of them, too) felt that their job and innovation provisions were particularly threatened.

Most of us, non-lawyers and non-politicians, grew into hating it. And while part of this hate was (and still is) reasonable, understandable and all the other -ables, we, those who actually work in the security industry, know how important that kind of protection is, and we knew it already before it came out to the rest of the society. You see where I’m going with this -

data protection IS a good thing, and Heptasense realised that, when developing the idea and the product. By using logical thinking and all the knowledge we had about the processes of the world and its development tendencies, we understood - you got to take care of data protection and keep identities safe and secret before you can even think about using data.

What’s said is done, and we set a goal of making ourselves and our products 100% GDPR-proof. At the end of the day, being on the “human” side of this, we, too, wouldn’t want to be left out there with our faces and names familiar to any retail security guy. The keyword for this is “balance”. It was crucial to find the exact spot for standing in order to get the best possible result with the smallest possible inconveniences for anyone involved in the whole system.

The things we do, they are as interesting as challenging, because there is so much to take into account. Without even bothering you with the details of software engineering and machine learning, the anonymity itself is completely crossed with fine lines to step onto but not over. We want to feel safe but don’t want to be surveilled, we want the criminals to get caught but don’t feel like sharing OUR personal information (because WE are not the criminals, how can they not know that!), we want to avoid car crashes but those 10 extra km/h won’t change anything, will they, and so on. We need a solution for this BUT WE NEED OUR PRIVACY.

That’s a fine line. Where does the privacy end and the personality start? Which one is the one that needs protection? Which is the sign that allows to reveal the bad guy? Is it only the bad guy that deserves the spotlight? One of the main things that make us, Heptasense, unique and not only worthy for the security professionals and innovation departments but also likeable for all the humans, is the identity protection. We are not claiming that we have the only truth and the right answer but I would like to think that we have pretty much mastered the data protection, even before GDPR made everyone do that, making that one of our main goals, achievements and selling points.

We believe that proactivity is the key, and the ideas you’ve come to on your own, are the ones worth chasing.

If they eventually align with the direction of the legislation - perfect, you’re doing something right (but they have to comply with the existing legislation at all times, don’t get me wrong).