dcsimg

The GDPR has arrived: What happens now?

So, the EU General Data Protection Regulation (GDPR) is here and the sky hasn’t fallen. Some have reacted with an eye roll and a muttered “what did you think was going to happen?” Others will think it’s Y2K all over again: a big build up for nothing. Of course, the world post-25 May 2018 looks very much the same as it did before, but it’s much too early to pass judgement. The effects of the GDPR … [Read more...]

Snapchat releases details of its GDPR compliance measures

Snapchat has announced changes to its privacy policy and user settings as it prepares for the EU General Data Protection Regulation (GDPR), which takes effect on 25 May 2018. Many organisations have downplayed the requisite changes as ‘tweaks’ to their policies, but Snapchat has made a point of emphasising its widespread alterations. The most significant revelation is that, unlike rival messaging … [Read more...]

The GDPR: How the right to be forgotten affects backups

The EU General Data Protection Regulation (GDPR) is a big, complex law, and, as is only natural, some elements appear to contradict each other. One of those contradictions involves arguably the most notorious aspect of the GDPR: the right to erasure (also known as the ‘right to be forgotten’). This right – one of eight enshrined in the GDPR – allows individuals to request that organisations remove … [Read more...]

Data protection authority releases guidance on Cloud computing

If your organisation uses Cloud services, you’ll be aware of their many benefits. But have you thought about the data protection risks? With the EU General Data Protection Regulation (GDPR) taking effect on 25 May 2018, this question is more pressing than ever.  The apparent security of the Cloud has led some organisations to store as much data in it as possible. However, the Cloud is vulnerable … [Read more...]

The GDPR: What you need to know about DPIAs

Article 35 of the EU General Data Protection Regulation (GDPR) introduces the concept of data protection impact assessments (DPIAs). DPIAs help organisations identify and minimise privacy risks in data processing activities. They are essential if you process any high-risk data, but they are also relevant when you are introducing a new data collection process, system or technology. An effective … [Read more...]

How to create a strong password

“My password was hacked”: it’s the go-to excuse for people who post something regrettable on social media. Numerous celebrities, famous athletes and politicians have attempted to negate scandals by framing themselves as victims of a cyber attack. Perhaps some of them were telling the truth, but they’re hardly admonishing themselves of blame by admitting to being – or pretending to be – so bad at … [Read more...]

Who is taking control of your organisation’s GDPR compliance project?

If you’re not among the organisations panicking over the EU General Data Protection Regulation (GDPR), consider yourself either lucky or well prepared. We’re not necessarily referring to sending teams of data protection experts scrambling between departments to check that processes are compliant. That, we expect, is pretty much par for the course – in fact, if all you are doing is checking, you … [Read more...]

How to meet the GDPR’s transparency requirements

The Article 29 Working Party (WP29) has released guidance to help organisations comply with the transparency requirements of the EU General Data Protection Regulation (GDPR).  The WP29 is an advisory body comprising representatives from each EU member state, and has produced numerous reports and advice on the GDPR.  Transparency is an overarching obligation under the Regulation, applying to the … [Read more...]

The GDPR: Understanding the right to restrict processing

The right to restrict processing is one of eight rights enforced by the EU General Data Protection Regulation (GDPR). Upon request, an organisation must stop using an individual’s personal data, although it can continue storing it. It’s an alternative to requesting the erasure of data and will most likely be exercised when individuals contest the accuracy of information, the way it is processed or … [Read more...]

The GDPR could boost blockchain-based content creation

The EU General Data Protection Regulation (GDPR) will have ramifications far beyond data protection, according to the founder of web content management system Zesty.io. Randy Apuzzo says that the GDPR’s emphasis on transparency could lead to a rise in blockchain-based content creation. A blockchain is a list of encrypted records that updates with changes and additions. It’s most commonly … [Read more...]