“Those laws and regulations do not apply to us”

Please do not talk about having the individual, the customer, the recipient, the beneficiary at the centre of everything you do and then in the next sentence talk about how certain laws do not apply to you because you are from a different jurisdiction or have privileges and immunities or are compliant with the letter of the law.

Existing law and legal frameworks should be the starting point, the foundation, not the end goal. Communities, cultures, organisations are built when we go beyond the letter of the law and embrace compassion. According to the law, refugees are the responsibility of the host governments but charities and NGOs don’t let that stop them from helping.

Data privacy and protection laws are continually evolving; responsible data practices are evolving (often ahead of the law). Maybe it’s time to start embracing responsible data practices that go beyond the law because they are better for the individual whose data it actually is or just simply communicate we want to own the data ourselves and will use all loopholes to do so.