Skip to main content

Updating Data Protection


Technology is developing constantly; communication is becoming faster and the exchange of ideas and information easier. Considering how quickly things are evolving, it’s shocking to discover that the legislation protecting our data hasn’t been updated since 1998! That was the year that Apple introduced the first iMac, Google had its first Doodle and someone hit Bill Gates in the face with a pie (a dissatisfied Windows 98 user perhaps?). Our data protection laws are as out of date as Apple making desktop computers in see-through candy colours. The state of information is unrecognisable from that time and the laws protecting it have been in dire need of an update. Cue an intervention from the EU.

After four years of work the new ‘General Data Protection Regulation’ will detail how data should be stored, how it should be used and when it should be destroyed. The public will have more control over their personal data and businesses will have a more simple set of regulations to follow when using said data. ‘Data’ in this case, refers to anything that might be used to identify an individual, including cultural and economic information as well as mental health details and even IP addresses and other online identifiers. If information held under pseudonyms has the potential to identify an individual this could also be classed as personal data. The GDPR has widened the definition of ‘data’ significantly.

The fines for those who do not comply with the GDPR are hefty (£20 million is no trifling sum) but businesses have until 25th May 2018 to bring their systems into line. The new regulations also apply to companies who process data on behalf of businesses, so developers need to be aware of the legislation too.

The basic principles are:

  • Data must be processed lawfully, transparently, and for a specific purpose
  • Data must be deleted when no longer required or it has served its specific purpose
  • Consent to keep and use data must be actively obtained and recorded
  • The public have the right to request, update, rectify or move their data or have it destroyed altogether
  • Data owners must also check the compliance of any processors they may use
  • Data breaches should be reported to those affected immediately and to the Information Commissioner’s Office within 72 hours
  • Companies outside of the EU are still subject to GDPR when processing or controlling data of individuals within the EU

Some of you may have already thought that as the UK is leaving the EU, their regulations don’t apply, but this isn’t the case. The UK will still be part of the European Union by the time the GDPR is in full force, and even after we leave the EU we still need to be able to work with them. Digital minister Matt Hancock said the GDPR should become part of UK law as it was a “decent piece of legislation”. He has emphasised the importance of uniform standards in order to maintain data exchanges with the likes of the EU and the US, and that the UK would meet the standards set out by the Union rather than asking them to meet ours.

For an in-depth guide on how to become GDPR compliant see the article below:
http://www.itpro.co.uk/security/27563/how-to-get-ready-for-gdpr-2018-data-protection-changes/page/0/2

Words by Lauren

Comments

Popular posts from this blog

Write Your Own Load Balancer: A worked Example

I was out walking with a techie friend of mine I’d not seen for a while and he asked me if I’d written anything recently. I hadn’t, other than an article on data sharing a few months before and I realised I was missing it. Well, not the writing itself, but the end result. In the last few weeks, another friend of mine, John Cricket , has been setting weekly code challenges via linkedin and his new website, https://codingchallenges.fyi/ . They were all quite interesting, but one in particular on writing load balancers appealed, so I thought I’d kill two birds with one stone and write up a worked example. You’ll find my worked example below. The challenge itself is italics and voice is that of John Crickets. The Coding Challenge https://codingchallenges.fyi/challenges/challenge-load-balancer/ Write Your Own Load Balancer This challenge is to build your own application layer load balancer. A load balancer sits in front of a group of servers and routes client requests across all of the serv

Bloodstock 2009

This year was one of the best Bloodstock s ever, which surprised me as the line up didn't look too strong. I haven't come away with a list of bands I want to buy all the albums of, but I did enjoy a lot of the performances. Insomnium[6] sound a lot like Swallow the Sun and Paradise Lost. They put on a very good show. I find a lot of old thrash bands quite boring, but Sodom[5] were quite good. They could have done with a second guitarist and the bass broke in the first song and it seemed to take ages to get it fixed. Saxon[8] gave us some some classic traditional heavy metal. Solid, as expected. The best bit was, following the guitarist standing on a monitor, Biff Bifford ripped off the sign saying "DO NOT STAND" and showed it to the audience. Once their sound was sorted, Arch Enemy[10] stole the show. They turned out not only to be the best band of the day, but of the festival, but then that's what you'd expect from Arch Enemy. Carcass[4] were very disappoin

Catalina-Ant for Tomcat 7

I recently upgraded from Tomcat 6 to Tomcat 7 and all of my Ant deployment scripts stopped working. I eventually worked out why and made the necessary changes, but there doesn’t seem to be a complete description of how to use Catalina-Ant for Tomcat 7 on the web so I thought I'd write one. To start with, make sure Tomcat manager is configured for use by Catalina-Ant. Make sure that manager-script is included in the roles for one of the users in TOMCAT_HOME/conf/tomcat-users.xml . For example: <tomcat-users> <user name="admin" password="s3cr£t" roles="manager-gui, manager-script "/> </tomcat-users> Catalina-Ant for Tomcat 6 was encapsulated within a single JAR file. Catalina-Ant for Tomcat 7 requires four JAR files. One from TOMCAT_HOME/bin : tomcat-juli.jar and three from TOMCAT_HOME/lib: catalina-ant.jar tomcat-coyote.jar tomcat-util.jar There are at least three ways of making the JARs available to Ant: Copy the JARs into th