Preserving Ancestral Wisdom: How GDPR Retention Requirements Affect Cultural Data
As per their mission statement, the purpose of Waitaha Books is “to publish, and promote the reading of, literature that gives expression to the teachings of the Waitaha Nation – blessings that have come to us through our ancestors.” To Waitaha people, this means preserving the memories of their ancestors, their cultural values, and the essence of the Waitaha Nation.
To Waitaha people the teachings of their ancestors are a living cultural resource.
The General Data Protection Regulation (GDPR) is a set of rules designed to give individuals more control over their personal data. It applies to any business or organisation, regardless of where in the world they are located, whose processing activities are related to offering goods or services to (or collecting data about) people within the European Union. In short, it’s a way to protect the digital personal information that has come to permeate our working and social lives.
When it comes to the processing of personal data, it is particularly important that businesses consider all of their legal obligations, including, but not limited to, the retention period of that data. This is known as the gdpr retention requirements.
The importance of retention, whether for legal or cultural reasons, cannot be overstated. In the context of culture, for example, oral traditions are a form of “cultured” data that pass from generation to generation. As the Waitaha people indicate in their mission statement, this is a core area of focus for them, as “to Waitaha people the teachings of their ancestors are a living cultural resource.” Rooted in the past, they have a certain life-force that infuses their present and influences their future.
Particularly interesting are the parallels between these oral histories and the GDPR’s principles around the retention of personal data. In particular, they share common themes, such as:
Finally, the GDPR is a practical way to help safeguard cultural data as it functions within the EU. This can be useful, for example, to the Waitaha people who may struggle to protect their ancestral history in the modern digital world. As those who came before them are expressed in recordings, written texts, and other documentation, the Waitaha people seek to ensure that their oral traditions do not become obsolete in the modern era. To this end, they also see modernisation as a way to help preserve the “living cultural resource” that is their oral tradition.
The GDPR, in creating a framework for the inspection of cultural data, assessment of the reasons behind the retention or erasure of such data, and a process for the rectification of inaccurate data, provides a template for the kinds of information that could be useful for the Waitaha people and others with similar traditions in the preservation of their heritage.
The Waitaha people are not the only indigenous group for whom data protection laws have become an important tool in safeguarding their history and culture. Indeed, a number of recent initiatives have been undertaken worldwide, including:
It is clear that, the GDPR, in providing a clear and comprehensive legal framework for data protection, can also help support the protection of cultural data. It does so, firstly, by requiring the collection of that data (including oral traditions) to be lawful, transparent, limited, etc. It then requires that when those data are processed, they be done in accordance with long-term retention policies of the data controller.
Adaptation to modern modes of information dissemination and storage is necessary if indigenous peoples are to profit from their new cultural opportunities, and to ensure the effective realisation of their right to carry out their cultural traditions without interference. From both a legal and cultural perspective, therefore, it is clear that, just as with processing personal data, respect must be paid both to modern law and ancient traditions.
For more information on data protection regulations, you can visit Wikipedia’s page on GDPR.
