GDPR (General Data Protection Regulation). More red tape!

Discussion in 'world politics, current affairs and news' started by nardy, May 12, 2018.

  1. nardy

    nardy Well-Known Member

    This piece of crap (from Europe, where else!) comes in on the 25th of this month. I'd never heard of it until a mate mentioned it. The "point" seems to be to protect the privacy of people who give any information to a business. The business must only use that info for the exact purpose it was intended. It seems to be an extension of the Data Protection Act, but I'm not sure.

    I'm a sole trader, and this is a google result.
    https://rapidbi.com/gdpr-checklist-for-sole-traders-and-micro-businesses/

    Are there any other sole traders on here who know more about this than me ... which wouldn't be difficult!
     
  2. danny la rouge

    danny la rouge Warning: posts may cause vasovagal presyncope

    Before I answer, please click here to continue receiving replies.
     
    Liveist, petee, 8ball and 16 others like this.
  3. farmerbarleymow

    farmerbarleymow Seagulls and wasps are brilliant!

    Basically yeah, with some additional rights for data subjects thrown in to the mix. It is a good thing, although it obviously imposes additional burdens on data controllers (which is a good thing in and of itself).

    I'd advise reading the guidance published by the Information Commissioner's Office as that is probably the best initial step if you're concerned about compliance. The first link is for GDPR, the second for the Data Protection Bill. :)
     
  4. Bahnhof Strasse

    Bahnhof Strasse Free the Sepsis Six!

    It does seem to be pretty much impossible to comply with though. Quite funny seeing all the companies that spam my in box asking for permission to keep spamming me tho.
     
    Ralph Llama, CRI, gentlegreen and 8 others like this.
  5. mrs quoad

    mrs quoad Well-Known Member

    Are you asking for a list of possibilities, or is this rhetorical?
     
  6. MadeInBedlam

    MadeInBedlam Arm the mentally ill

    As a sole trader you were already subject to the DPA.

    If you haven’t been arsed to get your head round a (pretty well known) forthcoming change in legislation, whose fault do you think that is?
     
    Liveist, mather, Nylock and 8 others like this.
  7. Supine

    Supine Rough Like Badger

    As an individual how can you not be happy to have improved data protection?
     
    Liveist, mather, Nylock and 9 others like this.
  8. MadeInBedlam

    MadeInBedlam Arm the mentally ill

    If you’re working at lastminutedotcom
     
    farmerbarleymow likes this.
  9. smmudge

    smmudge Sissy that walk!

    Having been briefed on this at work I'm not entirely sure what the main changes are, except higher penalties for companies who violate it and companies have to report every single breach in a shorter time frame. Hmm maybe they are the main changes. But people are talking like all the data protection principles are only just coming into force.
     
    MadeInBedlam likes this.
  10. weltweit

    weltweit Well-Known Member

    No, companies only have to report breaches to the ICO if they meet certain circumstances, check the ICO website, they made a recent video about it. But yes before 72 hours after you discover a breach, if it is reportable you have to report it.
     
  11. RubyToogood

    RubyToogood can't remember what goes here

    I have to deal with it at work and it's a PITA from that point of view but from a human's point of view it's a bloody good thing. It's high time we had more digital rights and protections of our data considering the way things are going.

    For instance, did you know that under GDPR, if decisions are being made about you by an algorithm, you will have a right to have them reviewed by a human and to make your views known?
     
  12. weltweit

    weltweit Well-Known Member

    I agree, for individuals it is a good thing.
     
    MadeInBedlam likes this.
  13. tommers

    tommers Your disco needs you

    Fuck GDPR. If I have one more person send me a 7 page questionnaire that they expect me to fill out then I'm going to explode.

    Our data centres are protected by exactly the same physical security measures they always have been you over eager bollocks. Get over it
     
    The39thStep and nardy like this.
  14. MadeInBedlam

    MadeInBedlam Arm the mentally ill

    AFAIK, a breach is a breach under GDPR. What exemptions are you thinking of for reporting?
     
  15. smmudge

    smmudge Sissy that walk!

    Ok then what has become reportable has changed. I'm not our DPO so in all honesty I won't be checking the ICO website.

    Again I thought this was already the case under DPA?
     
  16. Supine

    Supine Rough Like Badger

    ???

    I'm no expert on this but data protection is about use of the data not just physical security of servers...
     
    mather, NoXion, Guineveretoo and 2 others like this.
  17. weltweit

    weltweit Well-Known Member

    Bahnhof Strasse and MadeInBedlam like this.
  18. MadeInBedlam

    MadeInBedlam Arm the mentally ill

  19. tommers

    tommers Your disco needs you

    Yeah. Doesn't stop the fuckers.
     
  20. DexterTCN

    DexterTCN Well-Known Member

    The government is so serious about this that everyone who works for them needs to pass a test.

    It's 5 questions, you need to get 80%.

    You can take the test as many times as you need to.

    The questions and answers don't change.
     
    A380 likes this.
  21. farmerbarleymow

    farmerbarleymow Seagulls and wasps are brilliant!


    :hmm:

    Good luck with the contractual and legal penalties then. :thumbs:
     
  22. tommers

    tommers Your disco needs you

    :D I clearly haven't expressed myself very well.
     
    farmerbarleymow likes this.
  23. nardy

    nardy Well-Known Member

    As an individual I don't need "improved" data protection in the form of GDPR, thanks. The existing Data Protection Act was fine.

    All I'm seeing now as a result of GDPR is a bunch of emails from businesses asking me if it's okay for them to keep me on their email list and send me emails like they always have (I'd click unsubscribe if I wasn't happy!) and privacy statements appearing everywhere, telling me what my data would be used for (I already bloody know!) and that it will never be used for any other purpose, nor will it be rented, sold, swapped, sodomised or shared with the tooth fairy.

    These things were already requirements under the Data Protection Act, as far as I know.
     
  24. Santino

    Santino lovelier than lovely

    It'll be straight bananas next.
     
    Nylock, A380, neonwilderness and 2 others like this.
  25. BristolEcho

    BristolEcho Well-Known Member

    There's quite a lot of tightening up in my sector which is very welcome. My old company for example didn't have a clue, and I hope they've been brought in line now.
     
    CRI, MadeInBedlam and RubyToogood like this.
  26. Poi E

    Poi E Pessimism: a valuable protection against quackery.

    It came from the Germans, mate. Can you fucking believe it? Trying to run our lives they are.
     
  27. Thora

    Thora Differently Ethical

    As an individual I think it is a good thing.

    As someone running a very small business it is annoying. I think I am compliant though .
    I'm more annoyed that I have to pay the ico every year for doing fuck all, and that's a pre-gdpr thing. Especially if I have to continue paying them for years after I stop running a business as I have to retain data for insurance purposes.
     
    zora likes this.
  28. weltweit

    weltweit Well-Known Member

    Why do you have to pay the ICO Thora, is it because you are paying to register as a data controller? not everyone has to, we for example, because we are only collecting standard business information don't have to register or pay.
     
  29. Thora

    Thora Differently Ethical

    I collect personal information.
     
    William of Walworth and weltweit like this.
  30. equationgirl

    equationgirl Respect my existence or expect my resistance

    Employers now have to ask for explicit consent for the use of employee data, for example the use of images created from fingerprints for timekeeping logging in and out, and that if an employee no longer wished to supply a fingerprint for logging in and out, there must now be a straightforward mechanism for withdrawing consent and deletion of data.

    The GDPR does give employees more rights over their data, and employers must tell employees they have more rights.
     
    Liveist, mather, Yuwipi Woman and 4 others like this.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice