Trainline CTO: We’re More Than Ready For ‘Fantastic’ GDPR

Virgin Trains

Trainline CTO Mark Holt explains to Silicon why he is looking forward to the introduction of new data protection regulations

European Global Data Protection Regulations (GDPR) are on the horizon, with less than a year to go until the legislation comes into force for all organisations located within the EU.

It’s widely understood that businesses are at different stages of readiness when it comes to achieving GDPR compliance, but one form that is not concerned about being prepared in time for the May 2018 deadline is Trainline.

Speaking to Silicon, the company’s CTO Mark Holt was full of excitement for the incoming legislation and praised it’s customer-centric focus.


Data laws

“We might be in the minority but I think GDPR’s fantastic, I honestly do,” he said. “I think it’s the right thing from a customer perspective, I think there’s literally nothing about it that isn’t sensible.”

Holt’s positive attitude comes as a result of Trainline’s past culture, which he says has fostered an awareness and understanding of data protection. This means the company is already significantly along the proces, unlike many other companies that are essentially starting from scratch. 

“We’ve been working that way for a very long time,” Holt explained. “We bake security and privacy into the development process, we can identify down to an individual server which servers have got private data on them. We’ve been able to do that for a long time.

“So there’s no question at all [that Trainline will be prepared]. We’ve been working that way for a long time and we’ve been working on the process of becoming GDPR compliant for around six months now as well, so it’s not really an issue for us.”

Holt is obviously willing to put his money where his mouth is, which is more than can be said for many organisations in the UK, including those in the public sector.

“If you don’t know what data you’ve got and you don’t know where it is and you don’t know what you’re doing with it, then you deserve to have a massive change coming at you. I don’t want my data getting spewed across random organisations and ending up on people’s laptops and then being stolen.

“So GDPR is actually really great legislation, it’ll be really helpful.”

It’s certainly unusual to hear someone speaking so positively about a legislation that is accompanied by the potential of massive fines, but just goes to show that it can be an opportunity rather than a hindrance if approached in the right way.

Earlier this year, Information Commissioner Elizabeth Denham called for businesses to use GDPR to restore trust with consumers, a notion that Trainline has obviously taken to heart.

How much do you know about the European Commission? Take our quiz!