Development, Technology

GDPR To Take Effect on May 25th!

Next month the EU’s GDPR law will go into effect, and many companies are updating their privacy policies to prepare for the new regulations. As a developer, I have to know this law thoroughly because I don’t want to violate the law and then be held liable for damages. So here are the major points I’ve learned so far:

  • Before collecting a customer’s personal data, you must obtain consent.
  • Personal data includes anything that can be used to identify a user, such as email and name.
  • In order to obtain consent, your terms of use have to be easily accessible and easy to understand. You cannot hide your terms deep in legal jargon.
  • After obtaining consent, the user must have an easy way to opt out of your use of their personal data.
  • The user must also have an easy way to download all of the info you have on them, and the ability to delete all of their data from your servers as part of their “Right to be Forgotten.”
  • Once you’ve gotten consent to use a person’s data in a certain way, you then cannot use that same data in a different way. You will have to obtain new consent in order to change the way you use their personal data.
  • Each company will have to appoint an employee to represent them in the EU. This employee will act as the contact for the EU’s DPAs (Data Protection Authorities).
  • These DPAs will have the power to investigate and enforce the GDPR rules on companies operating with users’ personal data.
  • Companies that suffer a breach of their users’ personal data must immediately inform those users that their info was stolen.
  • Both the company collecting personal data and the third party that the company is selling your personal data to are legally responsible for any mistakes that are made.

Here are a few links with more info:

https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx?&wt.srch=1&wt.mc_id=AID641639_SEM_BQ6Yzc26&msclkid=d8a227b1a1ca11d25b457d7d67b04615

https://assessment.microsoft.com/gdpr-compliance

https://www.bleepingcomputer.com/news/security/more-than-half-of-android-apps-for-kids-are-violating-us-privacy-laws/

https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design

https://www.eff.org/issues/privacy

https://www.gdprhq.io/post/gdpr-hq-its-time-to-dig-in

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/

https://www.pcreview.co.uk/articles/gdpr-what-it-is-and-what-it-means.199/

https://spectrum.ieee.org/telecom/internet/your-guide-to-the-gdpr.html

https://sdtimes.com/security/what-does-it-take-to-build-a-secure-app-by-design/
