Topics

• Round up of this weeks Offline work
• (Break)
• This weeks Labs

GDPR

• Introduced in 2018
• Provides Legal Protections for an Individual and their data
• Main thing that got attention was the Fines….

Key Points

• You need a legal basis for gathering, processing or storing Personal Information
• PII is anything that could identify (or is about) an individual

Your View on GDPR

• Some really interesting points made in Aula about this.

Does it provide us an Illusion of security…..

Illusion Of Security

Greater Fines

Greater Penalties

Small Print / Cookie Law

The Small Print

Legal Basis

• Consent
• Contract
• Legal Obligation
• Vital Interest
• Public Task
• Legitimate Interest

Consent

• User signs their life away in return for memes.
• Freely Given
• Can be revoked

Legitimate Interest

• Your organisation demonstrates it is in the interest of the company (or the person) to do the processing.

Views on Legitimate Interest

Questions

Posts on Legitimate Interest

POV1

POV2

Data Minimisation

• Only collecting what is needed to get the job done

Transparency for Data Subjects

• Users have the right (under most situations) to know what is happening with their data.

Documentation

• Need to demonstrate how the data is:
  • Stored
  • Processed
  • Collected
  • Deleted

Informed Consent

• Its no good assuming consent…
• Should be Clear, and Freely given.

Implementing GDPR

• Identify PII
• Think about how you store the data
• Support user rights
• Think about 3rd party software
  • Google Fonts??

Task 1

Review an Site you use…

Lab Sheet

Task 2

Design Koala.

Lab Sheet