Updating Data Protection


Technology is developing constantly; communication is becoming faster and the exchange of ideas and information easier. Considering how quickly things are evolving, it’s shocking to discover that the legislation protecting our data hasn’t been updated since 1998! That was the year that Apple introduced the first iMac, Google had its first Doodle and someone hit Bill Gates in the face with a pie (a dissatisfied Windows 98 user perhaps?). Our data protection laws are as out of date as Apple making desktop computers in see-through candy colours. The state of information is unrecognisable from that time and the laws protecting it have been in dire need of an update. Cue an intervention from the EU.

After four years of work, the new ‘General Data Protection Regulation’ will detail how data should be stored, how it should be used and when it should be destroyed. The public will have more control over their personal data and businesses will have a simpler set of regulations to follow when using said data. ‘Data’ in this case refers to anything that might be used to identify an individual, including cultural and economic information as well as mental health details and even IP addresses and other online identifiers. If information held under pseudonyms has the potential to identify an individual, this could also be classed as personal data. The GDPR has widened the definition of ‘data’ significantly.

The fines for those who do not comply with the GDPR are hefty (£20 million is no trifling sum) but businesses have until 25th May 2018 to bring their systems into line. The new regulations also apply to companies who process data on behalf of businesses, so developers need to be aware of the legislation too.

The basic principles are:

  • Data must be processed lawfully, transparently, and for a specific purpose
  • Data must be deleted when no longer required or it has served its specific purpose
  • Consent to keep and use data must be actively obtained and recorded
  • The public have the right to request, update, rectify or move their data or have it destroyed altogether
  • Data owners must also check the compliance of any processors they may use
  • Data breaches should be reported to those affected immediately and to the Information Commissioner’s Office within 72 hours
  • Companies outside of the EU are still subject to GDPR when processing or controlling data of individuals within the EU

Some of you may have already thought that, as the UK is leaving the EU, its regulations don’t apply, but this isn’t the case. The UK will still be part of the European Union by the time the GDPR is in full force, and even after we leave the EU we still need to be able to work with them. Digital minister Matt Hancock said the GDPR should become part of UK law as it was a “decent piece of legislation”. He has emphasised the importance of uniform standards in order to maintain data exchanges with the likes of the EU and the US, and that the UK would meet the standards set out by the Union rather than asking them to meet ours.

For an in-depth guide on how to become GDPR compliant see the article below:
http://www.itpro.co.uk/security/27563/how-to-get-ready-for-gdpr-2018-data-protection-changes/page/0/2

Words by Lauren
