GDPR (niche thread)

It might screw over anyone who relies on web stats too. Our organisation is adding an opt-in for all cookies, including Google Analytics (as they’re not business essential). Since no-one is going to opt in, that’s basically the end of stats :sob:

Until I get the server log sorted I suppose FINE ffs

I’m enjoying ignoring all the emails requesting to stay connected, hopefully spam free inbox soon

1 Like

and if your boss says otherwise, just tell them I told you so

Theo said I have the power to merge threads now, but didn’t say how.

I accidentally made it a wiki and then changed it back.

I did it!

1 Like

Because I’m the (data) architect

1 Like

Been interesting to see how different companies are approaching it. Some have been super formal, explaining what GDPR is, others have been like terrifying exes HEY ARE WE STILL FRIENDS WE WANT TO STAY IN TOUCH

2 Likes

Lol - regular occurrence in my life too!

I suppose I should get my boss to check if we can still do voice recognition tuning. I’ve got a hunch from ICO’s guidance we may not be allowed any more.

I’m one of the youngest people in our organisation of 2,500 people so even explaining the basics of data protection to my colleagues is proving difficult.

We were told we had to some online training about it. Went onto it and it was just a quiz of 5 questions. Got 4 right and that was it.

In short I haven’t learned anything about GDPR.

It’s finally here guys!!

2 Likes

I’ve been training my whole global Customer Care department on how GDPR will affect us.
Have spent months researching, building and delivering this training. Then with no warning someone somewhere sent an email to our entire customer base titled “*** GDPR TEST ***”, linking to an old Privacy Policy and with the links to consent or unsub dead. FML.

6 Likes

Dear GDPR friends, I’ve just been tasked with finding out if the GDPR can apply to foreign (e.g. non- EU) government entities. I’m obviously going to try some standard legal research, but wondering if any of you fine minds have seen anything along those lines?

How do you mean, “can apply to”? Any entity keeping data on users within the EU will be expected to comply iirc.

1 Like

I think the theory is that the government of state A isn’t bound by the laws of state B (with state B being the EU in this situation).

See this from the Aussies.

But yeah, everything I’ve seen agrees with what you said…

We were discussing implications the other day. We supply software to companies who then store personal data. In order to investigate specific issues we often have to go onto their machines and view the system since so many issues are data dependent. But having done the in-house training the other day (which was still pretty WTAF at times) it feels like that means ever customer of that company has to explicitly say it’s okay for us to see their personal details.

I believe the latest version of our software does as much as it can to allow our customers to obey GDPR but part of the issue is that while we can easily hide personal details onscreen at an individual level, encrypting data on the database itself requires a lot more coding so I’m not really sure what is happening around that. Moreover it takes AGES to upgrade software so in the meantime it feels like there are going to be a lot of laws broken :grimacing:

Hopefully I’m just worrying overly about this.

On further research, as far as I can tell the Aussies are off-base and it clearly applies to public sector organisations. Thanks for replying :slight_smile:

That Australian page doesn’t seem to say anything concrete, it just says you have to consider things but the key point is

Foreign states are generally entitled to be granted immunity from the jurisdiction of the courts of another state. Exceptions depend on the laws of the particular jurisdiction, and may include commercial transactions of a foreign state.

Basically it’s about commercial stuff but the point stands that you can’t take other governments to court for this sort of thing so there is always going to be a hole in this sort of process.

Just did my GDPR online training at work which I’d been putting off for ages as it says it took 34 minutes. And I’m, like, well busy posting on here and stuff. Realised you could skip through all the videos, then answer the questions at the end which are all very obvious. 17/20 :sunglasses:

2 Likes

Don’t pretty much all major databases have inbuilt features to allow encryption for data at rest these days, or is that just the Enterprise level ones? (i.e. not much good if you use something like MySQL or Posgress)