What drew me to this field is its alignment with my passion for understanding people. I've always been fascinated by what makes people tick, and in data protection, I get to explore how people think and behave when it comes to their data. I’ve realised that organisations often fall into the trap of enforcing policies without understanding how people interpret or respond to them. For me, it’s essential to bring a human element into this work. People think differently, and that's not a bad thing. In fact, the best ideas often come from those who are seeing things from a fresh perspective, even interns or junior staff.
Data protection, in my view, is about more than just ticking legal boxes. It's about fostering an environment where people feel safe to innovate and make mistakes, without fear of punishment. In my teams, I’ve always tried to build a culture where everyone’s input is valued, and that includes learning from failure. If a mistake happens, it's not the end—it's an opportunity to learn and adapt.
What excites me now is the intersection of data protection and emerging technologies, particularly AI. AI is everywhere, yet there’s a worrying lack of understanding about its implications. People use it without considering the ethical, legal, and security concerns.
What worries me most about the future is the general public's lack of awareness about how their data is used. People often give away their data—sometimes sensitive data—without understanding the potential consequences. For instance, sharing biometrics or health data could have serious implications, from privacy breaches to affecting one's access to health insurance. My mission in data protection is to help bridge that knowledge gap, not through fear, but by educating people on the value and risks associated with their data.
Jonathan Craven is a trained psychologist, former Global Privacy Operations Lead at iRythm Technologies, now a self employed consultant on data protection.