
Designing products and services with GDPR

The General Data Protection Regulation (GDPR) hits organisations that handle the personal data of individuals in the EU in 2018. In this deck, Danny shows organisations, designers and developers how to use the three pillars of Transparency, Privacy and Controls on their way to GDPR compliance. As well as giving examples of brands that are doing things right and wrong from a GDPR perspective, the presentation walks through practical techniques such as consent, privacy by design (PbD) and the right of individuals to update their details at all times. Designers can apply these techniques across their products and services so that their marketing efforts are prepared.


  1. DESIGNING PRODUCTS AND SERVICES WITH GDPR #DigitalPond @danny_bluestone
  2. TODAY: Introducing GDPR (What is GDPR?); 1. Transparency; 2. Privacy; 3. Control; Conclusion
  3. HELLO. I AM DANNY.
  4. 21% are Data Liberators: they think data will make us healthier, safer and more efficient, and they are up for the big data revolution. 40% are Savvy Sharers: optimists who think data should be used freely in most situations, but not all. 29% are Data Regulators: they think big data can be useful, but decisions need to be considered carefully. 10% are Privacy Protectors: they don't believe the big data hype and want to regain privacy, no matter what the cost.
  5. INTRODUCING GDPR
  6. The rise of digital and data is unparalleled
  7. The issue is that brands know more about us than we know about ourselves
  8. Tinder holds 800 pages of information on one of its users, including the age-rank of her matches and how many Facebook friends she had
  9. There are moral arguments about all of this
  10. Do businesses know what they are doing? Ponemon Institute research report, May 2017: 49% had a document breach in the past 2 years; 73% say employees are accidentally exposing information; 63% of staff are unable to locate sensitive data
  12. WHO IS BEHIND GDPR? The official EU website has no information about GDPR. The European Data Protection Board has no link to GDPR guidelines, only some internally facing articles. The EUR-Lex website (a searchable database) contains EU law, the Official Journal of the Union and international agreements; it is also home to the GDPR articles, but they are not prominent on the homepage. There is a link to the GDPR as a PDF or web page: 54K words over 102 pages. Giovanni Buttarelli is the European Data Protection Supervisor; Wojciech Wiewiórowski is the Assistant Supervisor at the EDPS.
  13. The GDPR adds new obligations to those of the prior Data Protection Directive (95/46/EC): Accountability; Risk-based approach; Privacy by design (PbD); Right to erasure; Data portability; Transparency/Consent
  14. The Processor is an entity that processes personal data on behalf of the Controller; it must conform to the Controller's processes, audits, breach and Disaster Recovery policies. The Controller determines the purposes and means of the processing of personal data and has a legal responsibility to appoint only 'qualified' Processors, i.e. those that give sufficient guarantees.
  15. The three pillars (Cyber-Duck Ltd). Transparency: the service must be clear, and data collected for specified purposes through explicit consent. Privacy: implement PbD, backup and DR methods to ensure data security and resilience; don't compromise users' identities. Controls: only collect the data you need and ensure it is accessible to users so they can update it; maintain retention policies.
  16. TRANSPARENCY
  17. Prepare for Subject Access Requests (SARs)
  18. How to handle SARs: two brands tested with a SAR
      Requirement                  | Legal response time | Facebook                                                                                 | Majestic Wine
      View data held following SAR | 1 month             | No response (has an export button to view likes, timeline posts, friends made, etc.)     | Responded in time
      Follow-up to the SAR         | Immediate           | Did not respond to the original SAR by email, explaining that there is a download function | N/A
      With GDPR users will be entitled to know how long their data is stored, enjoy data portability (e.g. porting data from one bank to another) and have their data erased without a court order.
  19. The importance of consent. Consent must be 'unbundled' and as 'granular' as possible. There should be no 'opt-out', only 'opt-in'. Ensure that consent is 'easy to withdraw'. Note: you will also need to name every party that will rely on the consent; words like "third parties" or "categories" will not be acceptable.
  20. Unbundled consent
  21. Poor consent
  22. Audited consent
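The consent rules on slides 19 to 22 (one purpose per consent, opt-in only, named recipients, cheap withdrawal, an audit trail) are easy to state and easy to get wrong in a signup form. The following is an added example, not code from the talk or from Cyber-Duck: a small consent ledger where no purpose is ever granted by default, each event names the recipients relying on it, and the state at any past moment can be reconstructed for a regulator or a SAR. Purpose names, recipients, notice versions and the subject ID are hypothetical.

```python
"""Granular, opt-in consent with an audit trail (added example)."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional

# Hypothetical purposes. Each names the parties relying on the consent,
# because "third parties" or "partners" alone would not be acceptable.
PURPOSES: Dict[str, List[str]] = {
    "newsletter": ["Cyber-Duck Ltd"],
    "partner_offers": ["Cyber-Duck Ltd", "Example Wines Ltd"],
    "analytics": ["Cyber-Duck Ltd", "Example Analytics Inc"],
}


@dataclass(frozen=True)
class ConsentEvent:
    when: datetime        # UTC timestamp of the change
    purpose: str          # exactly one purpose per event (unbundled)
    granted: bool         # True = opt-in, False = withdrawal
    notice_version: str   # version of the privacy notice shown
    source: str           # where it happened, e.g. "signup form"


@dataclass
class ConsentRecord:
    subject_id: str
    events: List[ConsentEvent] = field(default_factory=list)

    def _append(self, purpose, granted, notice_version, source, when):
        if purpose not in PURPOSES:
            raise ValueError(f"unknown purpose: {purpose}")
        when = when or datetime.now(timezone.utc)
        self.events.append(ConsentEvent(when, purpose, granted, notice_version, source))

    def grant(self, purpose: str, notice_version: str, source: str,
              when: Optional[datetime] = None) -> None:
        """Record an explicit opt-in for a single purpose."""
        self._append(purpose, True, notice_version, source, when)

    def withdraw(self, purpose: str, source: str,
                 when: Optional[datetime] = None) -> None:
        """Withdrawal needs no notice version: it is always honoured."""
        self._append(purpose, False, "", source, when)

    def has_consent(self, purpose: str, at: Optional[datetime] = None) -> bool:
        """Consent state for one purpose at a point in time.

        No event means no consent (privacy by default); otherwise the
        most recent event on or before `at` decides.
        """
        at = at or datetime.now(timezone.utc)
        relevant = [e for e in self.events if e.purpose == purpose and e.when <= at]
        if not relevant:
            return False
        return max(relevant, key=lambda e: e.when).granted

    def audit_trail(self) -> List[dict]:
        """Evidence for a regulator or a SAR: who consented to what, when."""
        return [
            {
                "subject": self.subject_id,
                "when": e.when.isoformat(),
                "purpose": e.purpose,
                "granted": e.granted,
                "recipients": PURPOSES[e.purpose],
                "notice_version": e.notice_version,
                "source": e.source,
            }
            for e in self.events
        ]


def consent_from_form(subject_id: str, ticked: Dict[str, bool], notice_version: str,
                      when: Optional[datetime] = None) -> ConsentRecord:
    """Build a record from a signup form: only boxes the user ticked count;
    a missing or unticked box is simply no consent (no pre-ticked defaults)."""
    record = ConsentRecord(subject_id)
    for purpose, is_ticked in ticked.items():
        if is_ticked:
            record.grant(purpose, notice_version, "signup form", when)
    return record


if __name__ == "__main__":
    t0 = datetime(2018, 5, 25, 9, 0, tzinfo=timezone.utc)
    rec = consent_from_form("user-42", {"newsletter": True, "partner_offers": False}, "v3", t0)
    rec.withdraw("newsletter", "preferences page", t0.replace(hour=12))
    for row in rec.audit_trail():
        print(row)
```

The point of keeping the full event history rather than a single boolean per purpose is slide 22: when asked whether an email sent on a given date was lawful, `has_consent(purpose, at=that_date)` answers from the record, and the trail shows which notice version the person actually saw.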
  23. PRIVACY
  24. Not doing enough to protect identities
  25. How to deal with messaging and live-chat
  26. Design 'retrospective privacy' functions
  27. The difference between anonymisation and pseudonymisation. Anonymisation replaces personal data with permanent fictitious values, so that the individual can no longer be identified and the change cannot be reversed. Pseudonymisation replaces identifiable data with a persistent and reversible token: the same input always yields the same token, and the controller can map the token back to the original. Under GDPR, pseudonymised data is therefore still personal data.
      Name     | Pseudonym (token) | Anonymised
      Jonny    | aERT              | xyz
      Veronica | Oqwti             | xyz
      Sylvain  | SqaL              | xyz
      Jonny    | aERT              | xyz
  28. Anonymisation is useful when the granularity of the data is not important and reverting back is not required. Pseudonymisation is useful if you want to masquerade data and protect privacy but need to be able to revert to the original.
  29. Dynamic IP addresses. A dynamic IP address will be personal data in the hands of a website operator if there is another party (i.e. the ISP) that can link the dynamic IP address to the identity of an individual and the website operator has a "legal means" of obtaining access to the information held by the ISP in order to identify the individual (Court of Justice of the European Union, Breyer, 19 October 2016). Note: don't store server logs if you do not have to. Encrypt logs in storage and limit access to the decryption credentials.
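Slides 27 to 29 describe two different transformations without showing how either is built, and the IP ruling on slide 29 is exactly where the choice matters in practice: a web-server log full of client addresses is personal data. The following added example (not from the talk or from Cyber-Duck) implements both. The pseudonym is an HMAC-SHA256 tag over the value under a secret key held only by the controller, so the same input always yields the same token (persistent), and the controller can revert a token through a lookup table kept with the key (reversible); anyone without the key sees only tokens. Anonymisation here is generalisation: an IP is truncated to its /24 (or /48 for IPv6) so no single host is recoverable. The key, the names and the log lines are constructed for the example.

```python
"""Pseudonymisation vs anonymisation for names and client IPs (added example)."""
import hashlib
import hmac
import ipaddress
import re
from typing import Dict, Optional

# Constructed Common Log Format lines; 203.0.113.0/24 and 198.51.100.0/24
# are documentation ranges, not real clients.
SAMPLE_LOG = [
    '203.0.113.42 - - [10/Oct/2017:13:55:36 +0000] "GET /account HTTP/1.1" 200 512',
    '203.0.113.42 - - [10/Oct/2017:13:55:41 +0000] "POST /basket HTTP/1.1" 302 0',
    '198.51.100.7 - - [10/Oct/2017:13:56:02 +0000] "GET / HTTP/1.1" 200 2048',
]

_LEADING_IP = re.compile(r"^(\S+)")


class Pseudonymiser:
    """Keyed, persistent, reversible tokens."""

    def __init__(self, key: bytes, token_len: int = 12):
        self._key = key            # constructed secret; in production, from a vault
        self._token_len = token_len
        # token -> original value. Keep this table with the key and apart
        # from the pseudonymised data, or the data is not pseudonymised at all.
        self._lookup: Dict[str, str] = {}

    def tokenise(self, value: str) -> str:
        tag = hmac.new(self._key, value.encode("utf-8"), hashlib.sha256).hexdigest()
        token = tag[: self._token_len]
        self._lookup[token] = value
        return token

    def revert(self, token: str) -> Optional[str]:
        """Only the holder of the lookup table (and key) can do this."""
        return self._lookup.get(token)


def anonymise_ip(ip: str) -> str:
    """Generalise an address to its /24 (IPv4) or /48 (IPv6) network.

    Truncation is one-way, but whether the result is anonymous enough is a
    risk decision: a sparsely used /24 may still single someone out.
    """
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False).network_address)


def scrub_log_line(line: str, p: Pseudonymiser) -> str:
    """Replace the client IP at the start of a CLF line with its token,
    keeping per-client correlation (same client, same token)."""
    return _LEADING_IP.sub(lambda m: p.tokenise(m.group(1)), line, count=1)


def anonymise_log_line(line: str) -> str:
    """Replace the client IP with its truncated network address."""
    return _LEADING_IP.sub(lambda m: anonymise_ip(m.group(1)), line, count=1)


if __name__ == "__main__":
    p = Pseudonymiser(key=b"example-key-kept-in-a-vault")
    for name in ("Jonny", "Veronica", "Sylvain", "Jonny"):
        print(f"{name:9} -> {p.tokenise(name)}")
    for line in SAMPLE_LOG:
        print(scrub_log_line(line, p))
        print(anonymise_log_line(line))
```

Pseudonymised logs keep their analytical value (repeat visits by one client still line up), which is why the data is still personal data and still needs the slide 29 controls: encrypt at rest, and restrict who holds the key and the lookup table. Truncated logs give that up in exchange for not needing those controls.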
  30. The cookie madness, an ongoing saga! Implied consent is not sufficient: a "By using this site, you accept cookies" message is not going to cut it. Users can reject cookies: make it easy for them to withdraw consent and opt out so they are able to adjust their preferences.
  31. Deleting data. Data subjects have the right to obtain erasure from the data controller without undue delay. This means backups too. Make sure you can quickly pinpoint a backup and delete a particular record or file.
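Deleting one record from every backup tape or snapshot is rarely practical, so the usual engineering answer to slide 31 is crypto-shredding: encrypt each data subject's records under a key unique to that subject, keep backups as ciphertext, and honour erasure by destroying that one key, which makes every copy, including backups taken before the request, unreadable. The following is an added example, not code from the talk or from Cyber-Duck. To stay on the Python standard library it uses HMAC-SHA256 in counter mode as a keystream, which is an unauthenticated stream cipher; a production system would use an AEAD such as AES-GCM from a vetted library. Subject IDs and records are constructed.

```python
"""Erasure that reaches the backups: crypto-shredding (added example)."""
import copy
import hashlib
import hmac
import json
import os
from typing import Dict, Optional


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` bytes as HMAC-SHA256(key, nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh per message; never reuse with the same key
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, stream))


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext = blob[:16], blob[16:]
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream))


class KeyStore:
    """One key per data subject, held apart from the data store and backed
    up on its own schedule, so a restored data backup cannot undo a shred."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}

    def key_for(self, subject_id: str, create: bool = False) -> Optional[bytes]:
        if create and subject_id not in self._keys:
            self._keys[subject_id] = os.urandom(32)
        return self._keys.get(subject_id)

    def shred(self, subject_id: str) -> None:
        """Erasure: forget the key. The ciphertext may live on anywhere."""
        self._keys.pop(subject_id, None)


def read_blob(keys: KeyStore, subject_id: str, blob: Optional[bytes]) -> Optional[dict]:
    """Decrypt a live or backed-up blob; None once the key is shredded."""
    key = keys.key_for(subject_id)
    if key is None or blob is None:
        return None
    return json.loads(decrypt(key, blob).decode("utf-8"))


class RecordStore:
    """Per-subject records stored only as ciphertext."""

    def __init__(self, keys: KeyStore) -> None:
        self.keys = keys
        self._blobs: Dict[str, bytes] = {}

    def put(self, subject_id: str, record: dict) -> None:
        key = self.keys.key_for(subject_id, create=True)
        self._blobs[subject_id] = encrypt(key, json.dumps(record).encode("utf-8"))

    def get(self, subject_id: str) -> Optional[dict]:
        return read_blob(self.keys, subject_id, self._blobs.get(subject_id))

    def backup(self) -> Dict[str, bytes]:
        """A backup is just a copy of the ciphertext."""
        return copy.deepcopy(self._blobs)

    def erase(self, subject_id: str) -> None:
        """Right to erasure: drop the live record and shred its key."""
        self._blobs.pop(subject_id, None)
        self.keys.shred(subject_id)


if __name__ == "__main__":
    keys = KeyStore()
    store = RecordStore(keys)
    store.put("user-42", {"name": "Jonny", "email": "jonny@example.com"})
    store.put("user-43", {"name": "Veronica", "email": "veronica@example.com"})
    snapshot = store.backup()            # taken before the erasure request
    store.erase("user-42")
    print(store.get("user-42"))                              # None
    print(read_blob(keys, "user-42", snapshot["user-42"]))   # None: backup is unreadable
    print(read_blob(keys, "user-43", snapshot["user-43"]))   # other subjects unaffected
```

The scheme only works if the key store is not inside the same backup as the data: backups of the key store need their own, short retention and their own erasure procedure, otherwise a restore of last month's keys silently resurrects shredded subjects.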
  32. Privacy by design (PbD): 1. Privacy must be proactive, not reactive. 2. Privacy must be the default setting. 3. Privacy must be embedded into design. 4. Privacy must be positive-sum: full functionality, not a trade-off between privacy and security. 5. Privacy offers end-to-end lifecycle protection of user data. 6. Privacy standards must be visible and transparent. 7. Privacy must be user-centric.
  33. "...With the implementation of the GDPR and the principle of 'privacy by default', organizations can no longer hide behind the argument that they are technologically unable to act in line with the regulations." Vita Zwaan, lawyer and lead of the Privacy Team, Bureau Brandeis
  34. CONTROL
  35. Limit the amount of data you capture
  36. Allow users to maintain accurate information
  37. Set and maintain data policies
  38. Why give users 'data portability' capabilities? Data portability is a concept to protect users from having their data stored in "silos" or "walled gardens" that are incompatible with one another, i.e. closed platforms, thus subjecting them to vendor lock-in (Wikipedia). Transparency and analysis; help users switch.
  39. Be ready for breaches
  40. Educate your staff: http://cybrd.uk/dp-quiz
  41. PROCESS: WHERE TO START
  42. 1. Apply a process to your GDPR initiative: 1. Data audit; 2. Gap analysis; 3. Make a plan; 4. Execute; 5. Train everyone
  43. 2. Register for an ICO certificate
  44. 3. Embed GDPR in your CX and marketing. Lloyds concluded that if it was going to avoid losing customers, it needed to overhaul its CRM programme to reflect what people actually want.
  45. CONCLUSION
  46. Conclusions from the Cyber-Duck talk: 1. Saving less data is taking less risk: store only what you need. 2. Use PbD: consider systems, messaging and encryption to determine who sees what and why. 3. Be aware: besides GDPR, look out for other laws like ePrivacy and PSD2. 4. Consent: obtain explicit consent for everything and ensure you have audit trails. 5. Policies and process: be ready for SARs and ensure you have retention policies.
  47. @DANNY_BLUESTONE @CYBERDUCK_UK THANKS FOR LISTENING. All images in this presentation are copyright of their respective owners.
