Conference News April 2018 - Page 12

12 Law Doing the right thing by data Paul Cook asks whether we really need to be reaching for the big stick when it comes to personal data? vast number of tweets, blogs, videos, tip sheets, podcasts and infographics in recent months have put GDPR (General Data Protection Regulation) as their focus. Quite rightly, as awareness has to be raised. After all, it is about the rights of individuals when it comes to their personal information. However, the rights of people and their data protection is nothing new. It has been gradually stepped up since the 1940s when the Universal Declaration of Human Rights came into force. Now the issue has stepped firmly centre stage. GDPR has been kicked around extensively, and we see some organisations acknowledging they need to do something about it, while others argue it doesn’t apply to them (and for a very tiny few that could well be the case). How welcome is GDPR? A number of organisations are unhappy with having to make ...and don't forget PECR GDPR is not the only regulation of course that affects organisations of all shapes and sizes. Sitting alongside GDPR is PECR (The Privacy and Electronic Communications Regulations). Why do organisations wait to see what the regulation requires before taking action? Is a big stick (fines, penalties, etc.) really the answer when it comes to personal data? I think it goes some of the way to getting some organisations to become more accountable. changes to how they look after personal information. Some are in denial, some angry and some have accepted the need to take action. What it actually stands for, however, is the rights of the individual, which surely can only be a good thing? The question I have is: why would an organisation be unhappy to do all it could to protect the personal data in its custody? Honesty, truth and reputation Many organisations take pride in having honesty and truth as their values. They fear damage to their reputation. Moreover, people (of all ages) are digging deeper into understanding the values of the organisations they want to work for, be certain that a squeaky clean image is both desirable and needed. Also, consider the mis-match between behaviours within organisations. We can explore this with personal data as our lens. An individual decides they want to attend a conference. They provide their personal information to the organiser to gain admittance. All is well. The individual receives their conference ticket and the organiser has the information they need to be able to facilitate it. Later, the organiser decides to make the most of the data of the 500 delegates. They want to analyse, sell or share it. www.conference-news.co.uk They do so, year after year. The data grows and they work it some more. However, the personal information was only ever provided (unless stipulated otherwise) for the purpose of gaining entry to the conference. And that is where the challenge lands fo ȁ΅…Ήδ½Ι…Ή₯Ν…Ρ₯½ΉΜΈ)Q‘”­•δΑ½₯ΉΠ™½ΘΡ‘”‘•±•…Ρ”₯Μθ$)½έΈ΅δ₯Ή™½Ι΅…Ρ₯½Έ…Ή$‘…Ω”)±½…Ή•₯ЁѼε½ΤΈ%Ё‘½•Ν»ŠeЁ‰•±½ΉœΡΌ)ε½Υȁ½Ι…Ή₯Ν…Ρ₯½ΈΈ) ±•…Ι±δΝ½΅”½Ι…Ή₯Ν…Ρ₯½ΉΜ‘…Ω”)™½Ι½ΡΡ•ΈΡ‘”‘…Ρ„₯́Ή½ΠΡ‘•₯ΙΜΈ)Ή°ΝΌέ”‘•…ȁ½˜™₯Ή•Μ…Ή)Α•Ή…±Ρ₯•ΜΡ‘…Ё…ΑΑ±δΥΉ‘•ΘAH₯Έ)΅…Ήδ‰±½œΑ½ΝΡΜΈ5…Ήδ½ΉΝΥ±Ρ…ΉΡΜ)ΝΡ…ΙЁё•₯ȁΑΙ•Ν•ΉΡ…Ρ₯½ΉΜ‘₯‘±₯‘Ρ₯Ήœ)Ρ‘”Ρ‘Ι•…Ё½˜™₯Ή•ΜΈ) ±•…ɱ䁽ɝ…Ή₯Ν…Ρ₯½ΉΜΉ••ΡΌ…Ω½₯)Ρ‘₯Μ°Ή½Π©ΥΝЁ‰•…ΥΝ”Ρ‘•δ½Υ±Ό)½ΥЁ½˜‰ΥΝ₯Ή•ΝΜ°‰ΥЁ‰•…ΥΝ”Ρ‘•δ)½Υ±‰”Ρ½±ΡΌΝΡ½ΐΑΙ½•ΝΝ₯Ήœ)₯Ή™½Ι΅…Ρ₯½ΈΈ)A•Ή…±Ρ₯•Μ‘ΌΉ½Π‘•±ΐ…Έ₯Ή‘₯Ω₯‘Υ…°)Ρ‘…Ё‘…́‰••ΈΡ‘”ΝΥ‰©•Π½˜₯‘•ΉΡ₯Ρδ)Ρ‘•™Π‰•…ΥΝ”½˜±…¬½˜…Ι”½ΈΡ‘”)Α…ΙЁ½˜…Έ½Ι…Ή₯Ν…Ρ₯½Έ°‰ΥЁё•δ΅…δ)΅…­”½Ι…Ή₯Ν…Ρ₯½ΉΜ΅½Ι”쁉ΥΠ)Ν‘½Υ±‘»ŠeЁё•δ‰”‘½₯ΉœΡ‘…Ё…Ήεέ…δό)]‘•Έε½Τ‘₯ΝΡ₯°₯Π°•Ω•ΙεΡ‘₯ΉœΡ‘…Π)AHΝ•Ρ́½ΥЁѼ‘Ό₯́Ν₯΅Α±”Έ%Ё₯Μ)©ΥΝЁ…Ν­₯Ήœ½Ι…Ή₯Ν…Ρ₯½ΉΜΡΌ‰”)…½ΥΉΡ…‰±”™½ΘΑ•ΙΝ½Ή…°₯Ή™½Ι΅…Ρ₯½Έ)Ρ‘…Ё‘…́‰••Έ•ΉΡΙΥΝΡ•ΡΌΡ‘•΄Έ)$°™½Θ½Ή”°‘½Α”έ”‘½»ŠeЁΉ••ΡΌ‰”)Ι•…‘₯Ήœ™½ΘΡ‘”ΝΡ₯¬Έ