It’s actually pretty standard operating mode for many big tech adjacent, regulated industries. They don’t necessarily expect you to be 100% perfect, but they do expect you to build in such a way that their privacy tools can inspect things and you get urgent tasks filed if something doesn’t meet spec.
What they want is additional work, and technical implementation that the agreements are being enforced in code. It’s a fascinating area for a career, but the tools are not well developed and engineers not trained to code this way. Ends up being like a 40% tax on a lot of peoples work, plus the people who write and operate the verification systems.
It’s probably what the security field should have done years ago, but there were never as expensive of fines as for privacy violations.
What they want is additional work, and technical implementation that the agreements are being enforced in code. It’s a fascinating area for a career, but the tools are not well developed and engineers not trained to code this way. Ends up being like a 40% tax on a lot of peoples work, plus the people who write and operate the verification systems.
It’s probably what the security field should have done years ago, but there were never as expensive of fines as for privacy violations.