Comments on: A Few Words about GDPR, Data Privacy, and this Blog

By: Ritika Goswami

Ritika Goswami — Mon, 07 Oct 2019 09:47:38 +0000

Really nice and helpful information provided thanks for your worthy knowledge sharing..

By: Dana

Dana — Fri, 06 Apr 2018 17:42:40 +0000

I agree with the spirit of this, except for the part about bloggers not respecting rights. The reaction O have seen was about that minimum $10 million fine. There is a perception that it is not worth the risk of making a mistake when the penalty is that high. I do not target EU citizens. I do not sell outside the US because taxes are a mess. But what data does my stat counter (Google analytics) collect and to what degree am I responsible for what they do with information gathered in my site. My personal concern is not that I want to violate privacy. I only see an up address and I make no effort to identify a specific up addressvtonanyone or any action. But I do have third party activity through Google who already has had run ins with EU law. And I do not know what other programs are doing. If the fine were 4%, it would be easier to do my best and not worry about it. When the minimum is 10 million however, the stakes are pretty high for a handful of visitors.

By: GDPR Violations Are Hiding In Your Database - Here's How To Find Them - Thomas LaRock

Thu, 15 Mar 2018 09:21:57 +0000

[…] think that many of that 22% have their head in the sand, something I’ve written about before. I’ve seen an uptick in conversations around GDPR recently. They go like this: “Hey, we […]

By: Data Privacy Day is Sunday, January 28th - Thomas LaRock

Data Privacy Day is Sunday, January 28th - Thomas LaRock — Fri, 26 Jan 2018 02:46:23 +0000

[…] you read my recent post about GDPR and data privacy you will understand that I adore the idea of having a Data Privacy Day. I plan on […]

By: ThomasLaRock

ThomasLaRock — Mon, 22 Jan 2018 16:37:00 +0000

In reply to John Mitchell. Thanks for the comment! I do hope this post get's people to see the GDPR in a different light.

By: John Mitchell

John Mitchell — Mon, 22 Jan 2018 16:28:00 +0000

In reply to ThomasLaRock.

Thanks for the clarification, Thomas – that makes sense.

John

By: ThomasLaRock

ThomasLaRock — Mon, 22 Jan 2018 16:25:00 +0000

In reply to John Mitchell.

Thanks for the comment John. You are correct about Article 6. Let me explain my words in the post a bit more.

In the post above, where I speak about consent, I link to Article 7. This definition is needed to help explain the items in Article 6 where it lists the conditions for lawful processing, and says that at least one condition must apply. The first two conditions reference consent (if I enter a contract then I am giving consent for my data to be used in ways that adhere to the contract). The other four speak to public interest.

As I mentioned, I Am Not a Lawyer, but I read these articles as GDPR making it known that consent is a fundamental requirement. While I am certain in the case of a warrant it is possible an entity could collect private data without consent, to me the GDPR is making an effort to remind businesses that they need to communicate to their customers how their data is being used.

So, perhaps “fundamental requirement” isn’t accurate for 100% of use cases. However, most companies aren’t acting in public interests, and they will need to get consent directly from customers that are not entered into a contract.

Again…that’s just my understanding. There’s a lot to discuss here, I know we could write about the GDPR for weeks. I want my main point for consent to be this: you should get consent from your customers. It will make things a bit easier if you have consent.

HTH