data.day
shadow-it / privacy / gdpr / governance

Your “Free” Form Builder Is a Breach of State Secrets

Shadow IT is not innovation; it is an unauthorized treaty with a foreign power. Why 'free' tools are the most expensive risk we take.

Sven Civic Sven Civic

The High Cost of Zero Cost

The incident report landed on my desk at 08:00.

Incident: Unauthorized Data Collection. Source: Department of Recreation. Tool: [Redacted Global Survey Tool].

A team leader, frustrated by the bureaucracy of our internal IT, had spun up a “free” survey to register children for summer camps. It was efficient. It was user-friendly. And it was piping the medical allergies of local children directly into a database owned by a marketing analytics firm in a non-EU country.

I called the team leader. He was defensive. “It didn’t cost the budget a cent!” he argued.

“It cost us our integrity,” I replied. “You signed a Terms of Service agreement on behalf of the Municipality without reading it. You agreed that they can use this data to ‘improve their services.’ You sold the medical data of our youth for the price of a web form.”

The Dependency: The Lure of Frictionless surrender

Silicon Valley has mastered the art of “Product-Led Growth.” This is a euphemism for bypassing the procurement department. They make the tool so easy that the staff adopts it before the leadership notices.

This creates a Dependency of Convenience.

When we use “free” tools, we are not the customer. The Citizen is the product. The tool scrapes metadata, IP addresses, and behavioral patterns.

  • The Risk: We have no SLA. If they lose the data, we have no recourse.
  • The Jurisdiction: We have no borders. The data flows to wherever the vendor’s cheapest server farm is located.

[TO EDITOR: A diagram showing a “Free Tool” acting as a funnel. Citizen data goes in at the top, and “Ad Targeting” and “Model Training” comes out the bottom.]

The Sovereign Choice: Safe Harbors for Innovation

We cannot simply ban these tools; we must replace them. The urge to innovate is good. The method was wrong.

We have now deployed a Sovereign Form Builder. It is an open-source instance, hosted on our municipal servers. It looks like the popular tools. It drags-and-drops like the popular tools. But the database is ours.

  • Rule: If a tool requires a login, it requires a contract.
  • Rule: If the URL ends in .com and we do not have a signed DPA (Data Processing Agreement), it is blocked at the firewall.

We do not stifle innovation. We domesticate it. We ensure that when a Citizen types their name into a form, that name stays within the protection of our laws.

FAQs

But the official tools are too hard to use.

Then we must fix the official tools. But difficulty is not an excuse for unauthorized data export.

Is it okay if we just collect emails?

An email is a Citizen's digital identity. It is personal data. It triggers GDPR. It belongs on sovereign soil.

What if we pay for the 'Pro' version?

Payment does not change jurisdiction. Unless the Pro version offers a specific legal guarantee of residency and immunity, it is still foreign infrastructure.