If you thought we were grumpy before, you ain't seen (heard) nothin' yet! 🔥
This is a topic I have strong opinions about. Extremes/fundamentalism, is never good - in any way, shape or form. Here, though, we're not talking about two opposite extremes.
At the far end of the scale you have the Privacy Purist, but the Privacy Pragmatist is not on the opposite end - here you'll find complete and blatant ignorance (Privacy Anarchist, perhaps?). I'd say the pragmatists are more towards the Purist end of the scale.
But as a DPO - internal or external - I don' think you can do your job responsibly while being on (and advising from) either extreme of the privacy scale.
Purists are about absolutes. DPOs cannot be about or advise in absolutes. The GDPR is not absolute. And privacy is not an absolute right - see GDPR Recital 4!
Links and resources:
- Recital 4
- Recital 47
And since I don't want to send readers to little privacy-friendly dictionaries, here's a screenshot of various definitions: