GDPR in a Nutshell

As the enforcement deadline of 25th May rapidly approaches, General Data Protection Regulation (GDPR) compliance is a hot topic at many organisations - especially the ones who have left it too late!



While Data Controllers and Data Protection Officers are racing against time to compose policies, run risk assessments and get the legal department to clarify 'legitimate interest', it might be helpful to look at what GDPR actually means from a consumer's point of view.

Here's our summary of what GDPR really means for a consumer:

- My personal data belongs to me, not you.

- If I give you permission, you can hold my data on your systems and process it in ways that we have agreed.

- If you want to do anything else with my data, I expect you to ask my permission.

- If you have collected my personal data from a source other than me, I expect you to tell me and ask for my permission to hold it and process it.

- I expect the personal data you hold to be accurate.

- I expect you to take measures to ensure my personal data is secure.

- If I ask you what personal data you are holding, I expect you to tell me.

- If I ask you to correct personal data that you are holding - or to delete it - I expect you to comply with my request.

Is it really that hard?

When you look at the intent of GDPR regulations, is there really anything that a well-run, ethical business would have a problem with?

If GDPR compliance means cleaning up your databases, reviewing how you use personal data, beefing up your security procedures and educating your staff about data privacy, how is that a bad thing?

Smart companies will use the GDPR compliance exercise as an opportunity to re-engage with their customers and will sell their data protection measures as a competitive advantage.

Data protection shouldn't be a burden for business, but rather a pre-requisite for doing business at all.


Are you one in a Million?

Facebook has started to notify users who may have had their data shared with Cambridge Analytica.

According to Facebook, in total, around 87 million users are affected, with approximately 1.1 million in the UK.

All Facebook users will be getting a message similar to the ones below. If you get the one on the right, some of your data may have been shared with Cambridge Analytica.


Whether or not your data was affected comes down to whether you or your Facebook 'friends' used Facebook to log on to the 'This is your Digital Life' website.

Check your Settings

Facebook Settings Menu
All users will get a link to check which apps and websites have access to their Facebook data. If you don't check this periodically, do have a look - you might be surprised at what you find.

No need to wait for the link from Facebook - just go to the settings menu and select 'Apps and Websites' from the menu. If you see anything you don't recognise or don't trust, you can remove it, or edit its properties, where you can generally amend some of the settings. If you are surprised at what permissions an app has - don't be. It was probably all in the terms and conditions that you didn't read when you clicked the 'agree' box when you signed up.

As a general rule, we always advise clients not to use Facebook, Google or LinkedIn accounts to log in to other services. It might seem convenient that there is one fewer password to remember, but most users have no idea what data they are sharing as a result and where it might end up.

Even if you have some basic security practices in place, bear in mind that your Facebook 'friends' may not share your privacy concerns. You have no idea what their privacy settings are like and who they might be sharing your data with.

This won't be the end of the Cambridge Analytica saga. Facebook's disclaimer published with their figures admits, "We do not know precisely what data the app shared with Cambridge Analytica or exactly how many people were impacted."

There are some other obvious questions that arise from the Cambridge Analytica affair.

"Who else was employing similar techniques to Cambridge Analytica?" 

"How long has this been going on?"

"What does Facebook itself do with users' data?"


Does it Really Matter?


Some users simply won't care that advertisers or political consultants or data analysts have access to their Facebook data.

However, many will have concerns over how social media companies are allowing others to access and analyse huge quantities of personal data.

It may not be such a big deal if global brands are paying social media companies to try to manipulate you to switch to their brand of coffee or deodorant or energy drink. But if any organisation, state or individual with the right resources can use personal data from social media to disrupt the democratic process, we should all be worried.

It's worth remembering - as the not-so-old saying goes - "If you're not paying for it, you are the product!"


Links

Facebook News Release


Are you concerned about the privacy of your Facebook data?