GDPR in 8 bullet points
Tiago Cunha Martins
?? Innovation That Matters ?? Govtech, Public Sector Innovation & Digital Cooperation ????
Article base on the sum up of the "The General Data Protection Regulation: What it says, what it means." article by @laurenscerulus @POLITICOEurope (13/02/2018)
1. Right to be forgotten - Those embarrassing pictures from years ago could finally disappear.
2. Consent - A company or authority “shall be able to demonstrate that the data subject has consented to processing of his or her personal data” and the consent has to be “freely given”. But, the question is what is meaningful, “freely given” consent."
3. Data breach notification - Companies will have to set up a crisis management process for when an intruder manages to snatch the personal data they hold, and "they’ll have to be open and transparent with authorities and customers about what happened."
4. Data protection authorities - The so-called European data protection authorities will gain prominence, including the creation of the The European Data Protection Board, authority for data protection governance.
5. 4% fines - Regulators will hold a stick that’s worth millions, in some cases billions of euros.
6. Privacy by design - Every player during its designing process must to tweak their products to make sure the default setting doesn’t hoover up more data than is needed, and protects personal data immediately.
7. DPO - Data protection officer - Larger businesses need a point person to manage your personal data, a go-to person that knows the risks to working with data and has the ear of the executives in an organization.
8. Profiling - Organizations using algorithms to speed up or decrease the workload will have to either ask for users’ explicit consent or double-check a decision made by an algorithm if the user asks why he was treated in a certain way. An example may be a job applicant that can request a human presence during the recruitment process.
Keywords: GDPR; Data Protection; 25 May; Data Protection Officer; Data breach; Profiling; The European Data Protection Board; notification
Data source: www.politico.eu/article/ready-or-not-here-comes-the-general-data-protection-regulation