­
Welcome, Guest
Username: Password: Remember me

TOPIC: A techie’s rough guide to GDPR

A techie’s rough guide to GDPR 23 Feb 2018 09:03 #6280

  • Paul-UB40
  • Paul-UB40's Avatar
  • OFFLINE
  • Administrator
  • Posts: 2062
  • Thank you received: 1286
A techie’s rough guide to GDPR
January 12, 2018
curtis-macnewton

[This was originally written for my upcoming book Future Ethics, but might be too boring to make the final draft. I must stress this post does not constitute legal advice; anyone who takes my word over that of a properly qualified lawyer deserves what they get. I recommend reading this post alongside the UK’s ICO guidance and/or articles from specialists such as Heather Burns.]

A large global change in data protection law is about to hit the tech industry, thanks to the EU’s General Data Protection Regulations (GDPR). GDPR affects any company, wherever they are in the world, that handles data about European citizens. It becomes law on 25 May 2018, and as such includes UK citizens, since it precedes Brexit. It’s no surprise the EU has chosen to tighten the data protection belt: Europe has long opposed the tech industry’s expansionist tendencies, particularly through antitrust suits, and is perhaps the only regulatory body with the inclination and power to challenge Silicon Valley in the coming years.

Technologists seeking to comply with GDPR should get cosy with their legal teams, rather than take advice from this entirely unqualified author. However, it’s worth knowing about the GDPR’s provisions, since they address many important data ethics issues and have considerable implications for tech companies.

GDPR defines personal data as anything that can be used to directly or indirectly identify an individual, including name, photo, email, bank details, social network posts, DNA, IP addresses, cookies, and location data. Pseudonymised data may also count, if it’s only weakly de-identified and still traceable to an individual. Under GDPR, personal data can only be collected and processed for ‘specified, explicit, and legitimate purposes’. The relevant EU Working Party is clear on this limitation:

‘A purpose that is vague or general, such as for instance ‘Improving users’ experience’, ‘marketing purposes’, or ‘future research’ will – without further detail – usually not meet the criteria of being ‘specific’.’ —Article 29 Working Party, Opinion 03/2013 on purpose limitation, 2 April 2013.

More Here;
www.cennydd.com/writing/a-techies-rough-guide-to-gdpr

A Fascinating read of Things that will be very soon Law.
And yet another potential nightmare for Website Owners & Forum Operators.
YNWA: You'll Never Walk Alone

A techie’s rough guide to GDPR 23 Feb 2018 09:43 #6281

  • dboy
  • dboy's Avatar
  • OFFLINE
  • Elite Member
  • Posts: 187
  • Thank you received: 259
Paul-UB40 wrote:
A techie’s rough guide to GDPR
January 12, 2018
curtis-macnewton

[This was originally written for my upcoming book Future Ethics, but might be too boring to make the final draft. I must stress this post does not constitute legal advice; anyone who takes my word over that of a properly qualified lawyer deserves what they get. I recommend reading this post alongside the UK’s ICO guidance and/or articles from specialists such as Heather Burns.]

A large global change in data protection law is about to hit the tech industry, thanks to the EU’s General Data Protection Regulations (GDPR). GDPR affects any company, wherever they are in the world, that handles data about European citizens. It becomes law on 25 May 2018, and as such includes UK citizens, since it precedes Brexit. It’s no surprise the EU has chosen to tighten the data protection belt: Europe has long opposed the tech industry’s expansionist tendencies, particularly through antitrust suits, and is perhaps the only regulatory body with the inclination and power to challenge Silicon Valley in the coming years.

Technologists seeking to comply with GDPR should get cosy with their legal teams, rather than take advice from this entirely unqualified author. However, it’s worth knowing about the GDPR’s provisions, since they address many important data ethics issues and have considerable implications for tech companies.

GDPR defines personal data as anything that can be used to directly or indirectly identify an individual, including name, photo, email, bank details, social network posts, DNA, IP addresses, cookies, and location data. Pseudonymised data may also count, if it’s only weakly de-identified and still traceable to an individual. Under GDPR, personal data can only be collected and processed for ‘specified, explicit, and legitimate purposes’. The relevant EU Working Party is clear on this limitation:

‘A purpose that is vague or general, such as for instance ‘Improving users’ experience’, ‘marketing purposes’, or ‘future research’ will – without further detail – usually not meet the criteria of being ‘specific’.’ —Article 29 Working Party, Opinion 03/2013 on purpose limitation, 2 April 2013.

More Here;
www.cennydd.com/writing/a-techies-rough-guide-to-gdpr

A Fascinating read of Things that will be very soon Law.
And yet another potential nightmare for Website Owners & Forum Operators.
Thankfully I am fully GDPA complient :)

A techie’s rough guide to GDPR 20 May 2018 10:03 #7714

  • Paul-UB40
  • Paul-UB40's Avatar
  • OFFLINE
  • Administrator
  • Posts: 2062
  • Thank you received: 1286
This Becomes Law this Friday, May 25th 2018.
After top expert advice we here at WC are fully compliant in all aspects of the new legislation.
so no need to worry, Just continue to enjoy the many features that we have to offer. :)
YNWA: You'll Never Walk Alone
The following user(s) said Thank You: comply or die

A techie’s rough guide to GDPR 20 May 2018 10:13 #7717

  • comply or die
  • comply or die's Avatar
  • NOW ONLINE
  • Platinum Member
  • Posts: 2044
  • Thank you received: 1922
Thanks for this reminder Paul. Noted this from the above source:
Under GDPR, personal data can only be collected and processed for ‘specified, explicit, and legitimate purposes’.

So given DWP are not a `company` does that mean they can use our data regardless of whether we kick & scream about it? It states for `legitimate purposes` so therefor, government would say they use our data to identify and share it within their cosy network of trusted partners, like those running the outsourcing groups?

Like these: DPR defines personal data as anything that can be used to directly or indirectly identify an individual, including name, photo, email, bank details, social network posts, DNA, IP addresses, cookies

IP address and Cookies related to Find a Job or any other site we are directed to use.
­