6005 CEM

Week 2

Introduction

Topics

  • Round up of this weeks Offline work
  • (Break)
  • This weeks Labs

GDPR

GDPR

  • Introduced in 2018
  • Provides Legal Protections for an Individual and their data
  • Main thing that got attention was the Fines….

Key Points

  • You need a legal basis for gathering, processing or storing Personal Information
  • PII is anything that could identify (or is about) an individual

Your View on GDPR

  • Some really interesting points made in Aula about this.

Does it provide us an Illusion of security…..

Illusion Of Security

Greater Fines

Greater Penalties

Legitimate Interest

  • Your organisation demonstrates it is in the interest of the company (or the person) to do the processing.

Views on Legitimate Interest

Questions

Posts on Legitimate Interest

POV1

POV2

Privacy by Design

Data Minimisation

  • Only collecting what is needed to get the job done

Transparency for Data Subjects

  • Users have the right (under most situations) to know what is happening with their data.

Documentation

  • Need to demonstrate how the data is:
    • Stored
    • Processed
    • Collected
    • Deleted

Implementing GDPR

  • Identify PII
  • Think about how you store the data
  • Support user rights
  • Think about 3rd party software
    • Google Fonts??

Tasks and Discussion for This week

Task 1

Review an Site you use…

Lab Sheet

Task 2

Design Koala.

Lab Sheet