Accessability Links
Cookies on our website
By continuing to use this website we will assume you are happy to receive cookies as outlined in our cookie policy
Accept Policy
CONTACT US

Scroll down

Blogs

CategoryTitleText * DEFAULT * en-GB
Archive
Blogs

It's all 'bout that risk, 'bout that risk (no trouble)

28/01/2018

It's all 'bout that risk, 'bout that risk (no trouble)


A semi-short read with a semi-professional risk analysis regarding your personal data protection.


With the GDPR* legislation coming into force in 4 months - we’ve decided to provide you with a bit of an explanation and an elaborate risk assessment.


We’re not going to explain what GDPR is (because you’ve probably heard it all a dozen times. This week. And if not - please check here*.) we’ll just focus on it’s consequences. In general - we see it as a great phenomenon, as our lives start to rely more and more on data - it’s truly a perfect moment to take a step back and make sure that your valuable and vulnerable personal details are safe.


From now on it’s all up to you. You’ll be the one who can decide whether or not someone can hold any of your data on their database. Sounds so good to be in control, doesn’t it? But, as almost everything in life, it comes with a price - you need to make a decision.


Should I stay or should I go (now)?


Let’s assume that you’d like to minimise the unnecessary risks in your life. Seemingly, an intuitively easy and safe choice is to simply click “opt out” from virtually everything. Done!


Great! But … (there is always a but, right?)


When you have a decision to make - and there are millions of strategies for approaching a decision-making process - one of the ways is to focus on potential risks arising from each available solution. Imagine a potential scenario - you’re planning to go on a second date with someone. (Yes, you made it to the second! Congrats!) Your first one - pretty typical - just a few cocktails, (glasses of prosecco or pints, depending on your budget / lifestyle,) went great. So now - when pondering the second date you consider POTENTIAL RISKS. Let’s take a look at your decision making process and possible options... 1. Cinema

Should we go to the cinema and watch Thor?

Potential risk: What if she doesn’t like Thor???????


The really, really simplified risk assessment formula that runs through your head is:


RISK = LIKELIHOOD x SEVERITY**


In this case, you had a conversation on your first meeting and your date indicated that she loved Marvel movies. Likelihood that she doesn’t enjoy Thor: 0.1 (10%).


The severity is quite a big factor in this situation since it could potentially ruin the date & leave you both feeling really awkward, (imagine watching The Human Centipede together). Severity: 0.8 (80%). (Although, saying that, we could go as low as 0.2 (20%) because even if a movie was terrible - there is a chance you could have fun and make jokes of it! It’s all in your hands, really).


So there we go, the risk for the cinema = 0.1*0.8 = 0.08 = only an 8% risk


2. Cocktails (/Prosecco / Pint) again

Potential risk: What if he thinks that’s dull and it doesn’t go in line with his New Year’s resolutions????

You remember him saying that he’s not much of a drinker, plus, you also vaguely remember him mentioning something about “Dry January”.
Likelihood that he doesn’t enjoy drinking again: 0.7 (70%).

Severity: 0.5 (50%) (Well, I optimistically assume you can still have some fun while you’re sober, although only 50% of regular fun to be precise).
Risk for the drinks = 0.7 * 0.5 = 0.35 = 35% risk


3. Ice skating Brilliant! Because who doesn’t love romantic ice-skating.
Potential risk: She may not know how to skate…


Likelihood: 0.5 (50%) (it’s either she knows how to skate or not). Severity: 1 (100%) (imagine the awkwardness & the majestic falls & injuries).


Risk for the ice-skating = 0.5 * 1 = 0.5 = 50% risk
As 8% < 35% < 50% … the least risky option is the one with 8% risk.


That’s how, in a really simplified way, you make a decision. In this completely imaginary scenario your best strategy (only 8% chance of failure) is to go and watch Thor (and probably ask about ice-skating skills if you’re thinking of the third date already ;)).


So, now that we’ve enjoyed the excitement of planning our second date we also (hopefully) understood how risk assessment works. Since we’re running with ideas for your hypothetical second date, let’s continue with this example.



Your real life-changing decision


If you decide to give us the go ahead to keep your data - as with everything there is a risk of a breach. Of course, we take all possible measures to make sure nothing like that does ever happen but lets just imagine a scenario where a thief runs into our office with his DATA SWAG-BAG as a consultant is halfway through shredding a CV. The data scoundrel grabs that CV and storms out! So we’d like to assess the likelihood of such an incident at 0.01 (1%). Severity depends on the kind of data that may leak - this could include your CV, email address, phone number and in some cases also your physical address. Let’s say that severity is PRETTY HIGH so 0.6 (60%). (We’d assume a higher severity if we had access to your bank details, card, paypal account, medical records etc…)


Risk of staying on our records: 0.01 * 0.6 = 0.006 = 0.6%.


Now, let’s assume you don’t want to deal with any risk whatsoever and decide to ask us to remove ALL YOUR DETAILS. Poof! Risk-free?
Risk of erasing your details from our database: 0.


Really? (Maths is never this easy, we all know that. Where’s the catch???)


Let’s imagine that in 5 years time you decide to check out the market. Your current company changes or your line manager changes or due to various factors you face redundancy. Or you simply get bored with your role.


Likelihood - we should leave this one up to you. Some of you would say that the chance is 0 because you love your company, love your manager, love your role and it will always be like that. But - really sorry to disappoint you - there are some things that you have no control over. Based on our experience and current market tendencies, estimates say you’ll change job at least 5 times and the average job length is constantly dropping, so let’s say that the likelihood that you’d be willing to take a look at the market is around 0.2 (20%).
Severity:

1. Since you’re not on our database, you won’t be receiving any market updates/information about the roles that are available. You may miss out on a “once in a lifetime opportunity”.

2. Once you decide to go back on the market, we will have no way of retrieving your data. So even if you call your favourite recruiter or message the consultant you used to work with, if it’s been years, we’re unlikely to remember you.

3. You interviewed with us previously and you decide you want to get back on the market so you call us up. So we have go through the whole process again. We need your CV and to understand your career achievements and what you’re looking for. We need to meet again and gather all the data again. By that point - the dream vacancy may no longer be available. (Let’s not forget that you weren’t the first one to get notified about the vacancy since you hadn’t been on our system so you’re at a natural disadvantage from the start). Essentially, you’re losing your time and you’re potentially losing the race with other candidates.

4. Our client mentions your name. She knows you’d be the perfect match for the role; (you used to work together/she read your article/you get recommended by some of your or her former colleagues). But, we can’t call you. We can’t send you an email. We can try approaching you on your Linkedin but let’s be honest - how often does anyone respond to these messages? Again - you’re losing time and potentially missing out on the opportunity.

5. The most annoying scenario. Our client mentions a new, fantastic role. And in an instant - your profile crosses our mind. WE REMEMBER YOU. We know it would be a great match. We know that the role is literally perfect for you. We check our system and our heart drops. We can’t approach you because we had to delete your record just last month...



Severity (and inconvenience): 0.7 (70%).
Risk of erasing your data from our database: 0.2*0.7 = 0.14 = 14%.


Since 0.6% < 14%, we just proved that it’s actually less risky to stay on our database than to erase your details!


We hope you found this brief introduction to decision-making and risk analysis process useful (and enjoyable). We truly believe that erasing your data can also inflict potential risks.


If you’ve got any questions regarding GDPR, our internal policies and safety measures -  (probably not dating advice!) - please feel free to reach out to us.

 


To keep it really simple - let’s assume that both likelihood and severity range between [0:1] so maximum risk is 1. (100%)

*GDPR - The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. https://www.eugdpr.org/

**Of course - nothing is that simple. And we’re not THAT rational in general … Richard Thaler got his Nobel prize for proving this. I know, it feels so bad to find out we’re not perfect.

Add new comment
 

Back to Top