The General Data Protection Regulation (GDPR) is hitting organisations that deal with EU citizens in 2018. In this deck, Danny informs organisations, designers and developers on how to use the three pillars of Transparency, Privacy and Controls on their quest towards GDPR compliance. As well as providing examples of brands that are doing things right and wrong (from a GDPR perspective), the presentation provides practical examples of techniques such as consent, privacy by design (PbD) and the right of individuals to update their details at all times. Designers can use these techniques across their products and services to ensure that their marketing efforts are prepared.
2. TODAY
Introducing GDPR
What is GDPR?
1. Transparency
2. Privacy
3. Control
Conclusion
#DigitalPond @danny_bluestone
3. HELLO. I AM DANNY.
4.
21% are a Data Liberator. They think data will make us healthier, safe and more efficient. They’re up for the big data revolution.
40% are a Savvy Sharer. They’re optimists. Data should be used freely in most situations, but not all.
29% are a Data Regulator. They think that big data can be useful. But we need to consider decisions carefully.
10% are a Privacy Protector. They don’t believe the big data hype. They want to regain privacy, no matter what the cost.
6. The rise of digital and data is unparalleled
7. The issue is that brands know more about us
than we know about ourselves
8. Tinder has 800 pages of information on one
of its users, including age-rank of matches
and how many Facebook friends she had
10. The Ponemon Institute Research report May 2017
49% HAD A DOCUMENT BREACH IN THE PAST 2 YEARS
73% EMPLOYEES ARE ACCIDENTALLY EXPOSING INFORMATION
63% OF STAFF UNABLE TO LOCATE SENSITIVE DATA
Do businesses know what they are doing?
12. WHO IS BEHIND GDPR?
Official EU website, no information about GDPR
European Data Protection Board, no link to GDPR guidelines, some internal-facing articles
The EUR-Lex website (searchable database) contains EU law, the journal of the Union and international agreements. It is also home to the GDPR articles. The articles are not prominent on the homepage.
There is a link to the GDPR PDF or web page with 54K words over 102 word pages
Giovanni Buttarelli is the European Data Protection Supervisor.
Wojciech Wiewiórowski is the Assistant Supervisor at the EDPS.
13. The GDPR adds new regulations to prior directives.
Accountability
Risk-based approach
Privacy by design (PbD)
Rights of erasure
Data portability
Transparency/Consent
14.
The Processor is an entity that processes data on behalf of the controller. They need to conform to the processes, audits, breach and Disaster Recovery policies.
The Controller determines the purposes and means of the processing of personal data. They have a legal responsibility to appoint ‘qualified’ Processors.
15.
Transparency: The service must be clear and collected for specified purposes through explicit consent.
Privacy: Implement PbD, backup and DR methods to ensure data security and resilience. Don't compromise users’ identities.
Controls: Only collect the data you need and ensure that it is accessible by users so they can update it. Maintain retention policies.
Cyber-Duck Ltd
18. How to handle SARs
Requirement | Legal response time | Facebook | Majestic Wine
View data held following SAR | 1 month | No response (have export button to view likes, timeline posts, friends made etc.) | Responded in time
Follow-up to the SAR | Immediate | Did not respond to original SAR by email as explained there is a download function | N/A
With GDPR users will be entitled to know how long their data is stored, enjoy data portability (e.g. porting data from one bank to another) and have their data erased without a court request.
19. The importance of consent
It is important that consent is ‘Unbundled’ and as ‘Granular’ as possible. There should
be no ‘Opt-out’. Only provide ‘Opt-in’. Ensure that consent is ‘Easy to withdraw’.
Note: You will also need to name any parties that will rely on consent. Using words
like third parties or categories will not be acceptable.
27. The difference between anonymisation and pseudonymisation
Anonymisation means overwriting any personal data with permanent fictitious values.
Pseudonymisation replaces identifiable data with a persistent and reversible token.
Name      Pseudonym (token)  Anonymised
Jonny     aERT               xyz
Veronica  Oqwti              xyz
Sylvain   SqaL               xyz
Jonny     aERT               xyz
28. The difference between anonymisation and pseudonymisation
Anonymisation: Useful for when granularity of data is not important and reverting back is not required
Pseudonymisation: Useful if you want to masquerade data, protect privacy but need to revert back to original
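The table on slide 27 and the trade-off on slide 28, worked through as an added example that is not part of the original deck. The PseudonymVault class, its method names and the sample names list are hypothetical and constructed for illustration; the tokens are random, so they will differ from the ones shown on the slide.

```python
import secrets

ANON_VALUE = "xyz"  # fixed fictitious value, as in the deck's table


class PseudonymVault:
    """Hypothetical token vault: maps each identifier to a random token.

    The mapping is the re-identification key, so it must be stored
    separately from the pseudonymised data set and access-controlled.
    """

    def __init__(self):
        self._token_by_value = {}
        self._value_by_token = {}

    def pseudonymise(self, value):
        # Persistent: the same input always yields the same token.
        token = self._token_by_value.get(value)
        if token is None:
            token = secrets.token_urlsafe(6)
            while token in self._value_by_token:  # avoid collisions
                token = secrets.token_urlsafe(6)
            self._token_by_value[value] = token
            self._value_by_token[token] = value
        return token

    def reidentify(self, token):
        # Reversible, but only for whoever holds the vault.
        return self._value_by_token.get(token)

    def forget(self, value):
        # Dropping the mapping makes existing tokens irreversible.
        token = self._token_by_value.pop(value, None)
        if token is not None:
            del self._value_by_token[token]
        return token


def anonymise(_value):
    # Every input collapses to the same value; nothing can be reverted.
    return ANON_VALUE


def build_table(names, vault):
    # One row per input: (name, pseudonym, anonymised value).
    return [(n, vault.pseudonymise(n), anonymise(n)) for n in names]


# Constructed sample input mirroring the names on the slide.
NAMES = ["Jonny", "Veronica", "Sylvain", "Jonny"]
```

Rows for the two "Jonny" entries carry the same token, which is what keeps joins and counts working on pseudonymised data, while the anonymised column can no longer distinguish any two people.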
29. Dynamic IP addresses
A dynamic IP address will be personal data in the hands of a website operator if there
is another party (i.e. ISP) that can link the dynamic IP address to the identity of an
individual and the website operator has a "legal means" of obtaining access to the
information held by the ISP in order to identify the individual.
19 October 2016, the Court of Justice of the European Union (the "CJEU")
Note: Don’t store server logs if you do not have to. Encrypt logs in storage and limit access to decryption credentials.
30. The Cookie madness, an ongoing saga!
Implied consent is not sufficient - “By using this site, you accept cookies” message is not going to cut it.
Users can reject cookies - Easily let users withdraw consent and opt-out so they are able to adjust their preferences.
31. Deleting data
Data Subjects have the right to obtain erasure from
the data controller, without undue delay. This means
backups too. Make sure you can quickly pinpoint a
backup and delete a particular record or file.
32. Privacy by design (PbD)
1. Privacy must be proactive, not reactive.
2. Privacy must be the default setting.
3. Privacy must be embedded into design.
4. Privacy must contain a balance between privacy and security.
5. Privacy offers end-to-end lifecycle protection of user data.
6. Privacy standards must be visible, transparent.
7. Privacy must be user-centric.
33. “…With the implementation of the GDPR and
the principle of ‘privacy by default’,
organizations can no longer hide behind the
argument that they are technologically unable to
act in line with the regulations”
Vita Zwaan, lawyer & lead Privacy Team Bureau Brandeis
38. Why give users ‘data portability’ capabilities?
Data portability is a concept to protect users from having their data stored in "silos"
or "walled gardens" that are incompatible with one another, i.e. closed platforms, thus
subjecting them to vendor lock-in (Wikipedia).
TRANSPARENCY & ANALYSIS
HELP USERS SWITCH
39. Be ready for breaches
42. Apply a process to your GDPR initiative (1)
Data audit (1), Gap analysis (2), Make a plan (3), Execute (4), Train everyone (5)
43. Register for an ICO certificate (2)
44. Embed GDPR in your CX and marketing (3)
Lloyds concluded that if it was going to avoid losing customers, it needed
to overhaul the CRM programme to reflect what people actually want.
46. Conclusions from the Cyber-Duck talk
1. Saving less data is taking less risk - Store only what you need.
2. Use PbD - Consider systems, messaging and encryption to determine who sees what and why.
3. Be aware - Besides GDPR look out for other laws like e-privacy and PSD2.
4. Consent - Obtain explicit consent for everything and ensure you have audit trails.
5. Policies and process - Be ready for SARs and ensure you have retention policies.