Behind the firewall: Jonathan Craven

“My career in data protection has evolved over time, rather than being the result of a clear, guiding principle. I've had various roles in different organisations, mostly in the UK public sector—working in the police service, local government, and the NHS. Through these experiences, I've developed a strong understanding of the complexities and challenges that come with managing data in large, intricate organisations. 

Published: 
September 19, 2024
Jacob Høedt Larsen
PR & PA

Read more about the author

What drew me to this field is its alignment with my passion for understanding people. I've always been fascinated by what makes people tick, and in data protection, I get to explore how people think and behave when it comes to their data. I’ve realised that organisations often fall into the trap of enforcing policies without understanding how people interpret or respond to them. For me, it’s essential to bring a human element into this work. People think differently, and that's not a bad thing. In fact, the best ideas often come from those who are seeing things from a fresh perspective, even interns or junior staff.

Data protection, in my view, is about more than just ticking legal boxes. It's about fostering an environment where people feel safe to innovate and make mistakes, without fear of punishment. In my teams, I’ve always tried to build a culture where everyone’s input is valued, and that includes learning from failure. If a mistake happens, it's not the end—it's an opportunity to learn and adapt.

What excites me now is the intersection of data protection and emerging technologies, particularly AI. AI is everywhere, yet there’s a worrying lack of understanding about its implications. People use it without considering the ethical, legal, and security concerns. 

What worries me most about the future is the general public's lack of awareness about how their data is used. People often give away their data—sometimes sensitive data—without understanding the potential consequences. For instance, sharing biometrics or health data could have serious implications, from privacy breaches to affecting one's access to health insurance. My mission in data protection is to help bridge that knowledge gap, not through fear, but by educating people on the value and risks associated with their data.

Jonathan Craven is a trained psychologist, former Global Privacy Operations Lead at iRythm Technologies, now a self employed consultant on data protection. 

Your roadmap to achieving DPIA excellence

We’ve gathered our top insights on securing a successful DPIA process. It includes step-by-step guides, cheat sheets for getting management buy-in, and expert tips to make DPIAs a seamless part of your data protection strategy.

Download e-book