EU General Data Protection Regulations have to be complied with by 25th May 2018 - until we leave the EU, I suppose!
https://en.wikipedia.org/wiki/General_D ... Regulation
These apply to almost any method of holding or displaying personal information, like paper or online data. It's recommended that data is stored under password or encrypted, or locked away if on paper.
I have a village website where I show contact details for club members and I want those to be available to any member of the public. I don't want my website to be for members only subject to password login. Will I be contravening the regulations?
Similarly I am a committee member of a local archive that is part of a charity and we have thousands of documents on shelves available for public view. We obviously can't encrypt or password protect these, and at present they aren't locked away. Is that a problem?
It's also recommended that personal data should be stored on two databases, one with an anonymous ID and the other with personal details, (both encrypted, optional) and linked by password protected authority. This would apply to forums that I administer, but phpBB like most forums only has one database.
There aren't many exceptions but the few exceptions include totally personal use like your email address file, military use, etc.
Comments please.
Got a credit card? use our Credit Card & Finance Calculators
Thanks to Anonymous,bruncher,niord,gvonge,Shelford, for Donating to support the site
EU General Data Protection Regulations
-
- Lemon Half
- Posts: 6135
- Joined: November 5th, 2016, 9:05 am
- Has thanked: 21 times
- Been thanked: 1428 times
Re: EU General Data Protection Regulations
wickham wrote:Comments please.
The Government has been extremely quiet on what monster of compliance red tape it has unleashed on the public. These days almost every phone has a database of contacts and other "personal" information. Whilst allegedly individuals are exempt, the position as to what happens when they are also acting as part of a small organisation remains ill-defined.
At least one solution is to ignore it and challenge Government or its representatives to take action. Particularly as that is or can be spun as an EU activity, the chances of success against public opinion may be dubious. It's highish risk, but isn't it a blow for the individual against the all powerful State and the impositions it will make?
-
- Lemon Half
- Posts: 8410
- Joined: November 4th, 2016, 11:20 am
- Has thanked: 929 times
- Been thanked: 4230 times
Re: EU General Data Protection Regulations
I hold a number of lists of members of organisations.
On looking at the guidance on the gov.uk website, I found that under "Exemptions" I could answer "No" to at least one of the flow chart questions. It follows, therefore, that there is no need to register or pay a fee.
Safeguarding of information is another matter.
TJH
On looking at the guidance on the gov.uk website, I found that under "Exemptions" I could answer "No" to at least one of the flow chart questions. It follows, therefore, that there is no need to register or pay a fee.
Safeguarding of information is another matter.
TJH
-
- Lemon Half
- Posts: 6139
- Joined: November 4th, 2016, 1:12 pm
- Has thanked: 1589 times
- Been thanked: 1801 times
Re: EU General Data Protection Regulations
wickham wrote:EU General Data Protection Regulations have to be complied with by 25th May 2018 ...
Does this thread at Legal Issues (Practical) assist?:
viewtopic.php?f=2&t=9943&hilit=gdpr
It commences I have just formed a small club. To date I have about 100 members...
-
- Lemon Slice
- Posts: 363
- Joined: November 6th, 2016, 8:13 am
- Has thanked: 34 times
- Been thanked: 10 times
Re: EU General Data Protection Regulations
PinkDalek wrote:Does this thread at Legal Issues (Practical) assist?:
Not exactly. It doesn't really deal with a village information website where personal details are on display publicly, like a telephone directory.
-
- The full Lemon
- Posts: 10939
- Joined: November 4th, 2016, 8:17 pm
- Has thanked: 1496 times
- Been thanked: 3039 times
Re: EU General Data Protection Regulations
IANAL. My advice is worth what you paid for it, or probably less.
I think that one looks clear: you would indeed come under the regulations and need to obtain explicit consent from all whose details are displayed. And that's not just red tape: it could come back to bite you if someone uses your information to help commit a crime (e.g. fraud, identity theft, personal harassment).
Does that contain personal details concerning living people? If yes, how useful a resource might it be for a criminal seeking to abuse the data? It might be a grey area, with the shade of grey determined by that kind of question.
That's purely a practical issue, and I'd be surprised if GDPR materially changes anything from the old Data Protection Act. I expect LemonFool would reveal all they know about your or my real identity if ordered to do so by a court, but should keep them secure against unauthorised access.
That may have been a strong reason the old Fool boards shut down. Whereas PHPBB's private message facility works with our public aliases, TMF's facility would reveal much more of a Fool's identity. They were perhaps *always* on thin ice with that, and at ever-increasing risk as awareness grew.
wickham wrote:I have a village website where I show contact details for club members and I want those to be available to any member of the public. I don't want my website to be for members only subject to password login. Will I be contravening the regulations?
I think that one looks clear: you would indeed come under the regulations and need to obtain explicit consent from all whose details are displayed. And that's not just red tape: it could come back to bite you if someone uses your information to help commit a crime (e.g. fraud, identity theft, personal harassment).
Similarly I am a committee member of a local archive that is part of a charity and we have thousands of documents on shelves available for public view. We obviously can't encrypt or password protect these, and at present they aren't locked away. Is that a problem?
Does that contain personal details concerning living people? If yes, how useful a resource might it be for a criminal seeking to abuse the data? It might be a grey area, with the shade of grey determined by that kind of question.
It's also recommended that personal data should be stored on two databases, one with an anonymous ID and the other with personal details, (both encrypted, optional) and linked by password protected authority. This would apply to forums that I administer, but phpBB like most forums only has one database.
That's purely a practical issue, and I'd be surprised if GDPR materially changes anything from the old Data Protection Act. I expect LemonFool would reveal all they know about your or my real identity if ordered to do so by a court, but should keep them secure against unauthorised access.
That may have been a strong reason the old Fool boards shut down. Whereas PHPBB's private message facility works with our public aliases, TMF's facility would reveal much more of a Fool's identity. They were perhaps *always* on thin ice with that, and at ever-increasing risk as awareness grew.
-
- The full Lemon
- Posts: 10939
- Joined: November 4th, 2016, 8:17 pm
- Has thanked: 1496 times
- Been thanked: 3039 times
Re: EU General Data Protection Regulations
sorry, posted to wrong thread just now. Deleting substance of off-topic post
Return to “Technology - Computers, TV, Phones etc.”
Who is online
Users browsing this forum: No registered users and 16 guests