25th May 2018. GDPR day! No-one who uses a digital communication device will have missed this. The General Data Protection Regulation comes into effect from today. What does it mean?
It creates a new up to date regime for our relationship with personal data whether it is ours or other’s that we hold and deal with.
It recognises the value of personal data and that powerful computers can be used to collect, manipulate, use and abuse it at will. We are now very much in a data-driven, digital economy and as such personal data is now a valuable commodity open to abuse and theft.
The regulations have ramped up the power to heavily prosecute those who abuse it or steal it.
On the other side of the coin, it has increased our individual insight into what organisations are using our data for and our ability to say they should stop, or they should delete it, correct it or transfer it. In a nutshell that is what all the fuss is about.
If you’re thinking, ok but how does GDPR affect me? Then it depends on how you look at it. It’s all about informed explicit consent and legitimate interest.
As an individual have I given my informed explicit consent for that organisation to have and use my data or do they have a legitimate interest in using it that way?
As an organisation do we have explicit consent to use the data in that way or do we have a legitimate interest in doing so? Obviously, it can get very tricky around the principle of legitimate interest.
There is still plenty of confusion about the concept of GDPR, but like any new relationship, there is still a lot to be learnt, discovered, understood and even accepted.
As in any new relationship, it will take some time to gain a proper understanding. If you would appreciate some reassurance or guidance on your relationship with personal data please contact Kevin Basnett.