Mezzo Labs, profile picture
Uploaded byMezzo Labs
PPTX, PDF1,103 views

Raoul Lumb, Data Protection Lawyer, Simons Muirhead & Burton - The Letter of Law

The document discusses the General Data Protection Regulation (GDPR) which replaces the Data Protection Act and has been in effect since May 25, 2018. It maintains eight data protection principles while introducing new responsibilities and liabilities for marketers, including mandatory opt-in consent and reporting of data breaches. Additionally, it requires comprehensive record-keeping and data protection measures to be integrated into processing activities.

Embed presentation

Downloaded 10 times
The Letter of the Law Raoul Lumb
THE LETTER OF THE LAW BY RAOUL LUMB
THE WHAT? • The “General Data Protection Regulation” • European Regulation – replacing the Data Protection Act • Does not replace the PECR (Privacy & Electronic Communications Regulations) • Implementation 25 May 2018
HOW DOES IT WORK? • Maintains the eight Data Protection Principles: • “Fair and Lawful” (the ‘conditions’ for processing) • “Purposes” • “Adequacy” • “Accuracy” • “Retention” • “Rights” of data subjects • “Security” • “International Processing” • Adds significant new fines (4% global turnover or €20 million) • Adds extensive new duties
WHAT ARE THE IMPLICATIONS FOR MARKETEERS? • E-mail, Text, Telephone marketing – new standard of ‘consent’ • Opt-in now obligatory • Opt-in must be voluntary • Consideration of Principle 2 in all circumstances • Data Processors (i.e. marketeers) can now be held liable per Article 82 • Much of the risk can be mitigated by effective contracts
STORAGE OF RECORDS • Duty to build in data protection by “Design & Default” • Consideration to be given to ‘pseudonymisation’ • Need to be able to respond to subject access requests: • How was data obtained? For what purpose? When? • Need to be able to respond to new stop/update/erasure requests • Reporting of breaches now essentially mandatory within 72 hours
REPORTING AND RECORD KEEPING • Boring but important – new records of processing must be kept • Consider mapping ‘data-flows’ • All contracts appointing/engaging as a Data Processors must meet new requirements • Impact assessments to be performed before any significant new processing • Encryption to be seriously considered

More Related Content

PDF
Dai Davies - GDPR Presentation
bySagittarius
 
PPTX
The EU Data Protection Regulation - what you need to know
bySophos Benelux
 
PPT
Kawser Hamid : ICO and Data Protection in the Cloud
byGurbir Singh
 
PPTX
GDPR: More reasons for information security
byJisc
 
PDF
Cathal ryan
byHIQAHIS
 
PPTX
Martha Buyer V SCTC day conference 24 feb16
byAgustin Argelich Casals
 
PDF
ESET Quick Guide to the EU General Data Protection Regulation
byESET
 
PDF
SourceCloud GDPR statement march 2018
byCraig Burns
 
Dai Davies - GDPR Presentation
bySagittarius
 
The EU Data Protection Regulation - what you need to know
bySophos Benelux
 
Kawser Hamid : ICO and Data Protection in the Cloud
byGurbir Singh
 
GDPR: More reasons for information security
byJisc
 
Cathal ryan
byHIQAHIS
 
Martha Buyer V SCTC day conference 24 feb16
byAgustin Argelich Casals
 
ESET Quick Guide to the EU General Data Protection Regulation
byESET
 
SourceCloud GDPR statement march 2018
byCraig Burns
 

What's hot

PDF
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
byNordic APIs
 
PPTX
The Practical Impact of the General Data Protection Regulation
byGhostery, Inc.
 
PDF
EU General Data Protection Regulation
byRamiro Cid
 
PPTX
Patricia Ayojedi V SCTC day Cloud 24 feb16
byAgustin Argelich Casals
 
PDF
Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...
byBurton Lee
 
PDF
SAP Business One
byAGSanePLDTCompany
 
PDF
Talk1 esc7 muscl-gdpr_debate_v1_2
bySylvain Martinez
 
PDF
Jowanna Conboye - Stephens Scown
byAgile PR
 
PPTX
Legal Issues in Big Data
byBYTE Project
 
PPTX
GDPR SECURITY ISSUES
bySylvain Martinez
 
PPTX
EU GDPR - 12 Steps To Compliance
byTom Haynes
 
PPT
Data protection For CYP Organisations
byCliff Ashcroft
 
PPTX
Basic principles to information privacy in data mining & data warehouse
byPuja Dhakal
 
PDF
Haagse Hogeschool 2012-09-13
bymaartenmarx
 
PPT
Data protection rules could cost firms £75k a year
byJohn Davis
 
PDF
GDPR
byMicrosoft
 
PDF
The Essential Guide to GDPR
byTim Hyman LLB
 
PPTX
Big data minute privacy
byGuyVanderSande
 
PDF
General Data Protection Regulation: what do you need to do to get prepared? -...
byIISPEastMids
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
byNordic APIs
 
The Practical Impact of the General Data Protection Regulation
byGhostery, Inc.
 
EU General Data Protection Regulation
byRamiro Cid
 
Patricia Ayojedi V SCTC day Cloud 24 feb16
byAgustin Argelich Casals
 
Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...
byBurton Lee
 
SAP Business One
byAGSanePLDTCompany
 
Talk1 esc7 muscl-gdpr_debate_v1_2
bySylvain Martinez
 
Jowanna Conboye - Stephens Scown
byAgile PR
 
Legal Issues in Big Data
byBYTE Project
 
GDPR SECURITY ISSUES
bySylvain Martinez
 
EU GDPR - 12 Steps To Compliance
byTom Haynes
 
Data protection For CYP Organisations
byCliff Ashcroft
 
Basic principles to information privacy in data mining & data warehouse
byPuja Dhakal
 
Haagse Hogeschool 2012-09-13
bymaartenmarx
 
Data protection rules could cost firms £75k a year
byJohn Davis
 
GDPR
byMicrosoft
 
The Essential Guide to GDPR
byTim Hyman LLB
 
Big data minute privacy
byGuyVanderSande
 
General Data Protection Regulation: what do you need to do to get prepared? -...
byIISPEastMids
 

Similar to Raoul Lumb, Data Protection Lawyer, Simons Muirhead & Burton - The Letter of Law

PPT
9222290.ppt
byMichelleSaver
 
PDF
Legal and data protection update
byRachel Aldighieri
 
PPTX
An Introduction to Data Protection (London) - June 2015
byRachel Aldighieri
 
PPTX
EU General Data Protection Regulation - Update 2017
byCliff Ashcroft
 
PPTX
Big data needs big protection
byNoel Hatch
 
PDF
An introduction to data protection - 26 March 2014
byRachel Aldighieri
 
PPT
Data protection
byLewis Silkin
 
PDF
Legal update - 1 July
byRachel Aldighieri
 
PPTX
Changes in EU Data Protection Regulations and the Impact on your Email Marketing
byAdestra
 
PDF
Legal update - Leeds
byRachel Aldighieri
 
PDF
Introduction to data protection
byRachel Aldighieri
 
PPT
An introduction to data protection - 30 Jan 2014
byRachel Aldighieri
 
PPTX
General data protection regulation
byFahad Ameen
 
PPTX
GDPR Introduction and overview
byJane Lambert
 
PDF
Introduction to EU General Data Protection Regulation: Planning, Implementati...
byFinancial Poise
 
PPTX
The GDPR timeline - Stephen Bailey, NCC Group
byBCS Data Management Specialist Group
 
PPTX
Getting to grips with General Data Protection Regulation (GDPR)
byZoodikers
 
PDF
An introduction to data protection - Edinburgh
byRachel Aldighieri
 
PPTX
General Data Protection Regulation
byBCC - Solutions for IBM Collaboration Software
 
PDF
DMA Legal update: autumn 2013 - Tuesday 1 October
byRachel Aldighieri
 
9222290.ppt
byMichelleSaver
 
Legal and data protection update
byRachel Aldighieri
 
An Introduction to Data Protection (London) - June 2015
byRachel Aldighieri
 
EU General Data Protection Regulation - Update 2017
byCliff Ashcroft
 
Big data needs big protection
byNoel Hatch
 
An introduction to data protection - 26 March 2014
byRachel Aldighieri
 
Data protection
byLewis Silkin
 
Legal update - 1 July
byRachel Aldighieri
 
Changes in EU Data Protection Regulations and the Impact on your Email Marketing
byAdestra
 
Legal update - Leeds
byRachel Aldighieri
 
Introduction to data protection
byRachel Aldighieri
 
An introduction to data protection - 30 Jan 2014
byRachel Aldighieri
 
General data protection regulation
byFahad Ameen
 
GDPR Introduction and overview
byJane Lambert
 
Introduction to EU General Data Protection Regulation: Planning, Implementati...
byFinancial Poise
 
The GDPR timeline - Stephen Bailey, NCC Group
byBCS Data Management Specialist Group
 
Getting to grips with General Data Protection Regulation (GDPR)
byZoodikers
 
An introduction to data protection - Edinburgh
byRachel Aldighieri
 
General Data Protection Regulation
byBCC - Solutions for IBM Collaboration Software
 
DMA Legal update: autumn 2013 - Tuesday 1 October
byRachel Aldighieri
 

More from Mezzo Labs

PPTX
Consumer not Customer, Value not Revenue, Actions not Numbers - Russell McAthy
byMezzo Labs
 
PPTX
Attribution Modelling and Blockchain - Peter Prince
byMezzo Labs
 
PPTX
Attribution or Misattribution? How to make digital measurement less awful - N...
byMezzo Labs
 
PPTX
What can Artificial Intelligence (AI) offer to Attribution Modelling? - Dimit...
byMezzo Labs
 
PPTX
Lindsay McEwan, VP & MD EMEA, Tealium - The Martech Industry and Your Data - ...
byMezzo Labs
 
PPTX
Adrian Kingwell, Managing Director, Mezzo Labs - 350 days to Armageddon
byMezzo Labs
 
PPTX
Alex Gallagher, Future Finance - Targeting Audiences Wherever They Are
byMezzo Labs
 
PPTX
Aliur Rahman, Experian, - Setting up an Optimisation Function
byMezzo Labs
 
PPTX
Steve Keightley, Head of Optimisation, Mezzo Labs - Data-Driven Optimisation
byMezzo Labs
 
PPTX
Nick Fleetwood, Head of Financial Services, Oracle’s Maxymiser - Optimization...
byMezzo Labs
 
PPTX
Adrian kingwell, Mezzo Labs - Making Data Personal
byMezzo Labs
 
PPTX
Ali White, Calltracks - Tracking online traffic to offline sales
byMezzo Labs
 
PPTX
JP Luchetti, Mubaloo - How data defines mobile strategy
byMezzo Labs
 
PPTX
Adrian Kingwell, Mezzo Labs - App Analytics
byMezzo Labs
 
PPTX
Lee Suker - What is a DMP
byMezzo Labs
 
PPTX
Andy Walker - Creating Order from Chaos - Integrating Online with Offline (In...
byMezzo Labs
 
PDF
Jamie Brighton - Personalization Spectrum
byMezzo Labs
 
PPT
Increasing Audience Engagement - Chris Moss
byMezzo Labs
 
PPTX
Is personal shopping personal enough yet? - Simon Bloom
byMezzo Labs
 
PPTX
Insurance, Customers and Data - Alan Sanderson
byMezzo Labs
 
Consumer not Customer, Value not Revenue, Actions not Numbers - Russell McAthy
byMezzo Labs
 
Attribution Modelling and Blockchain - Peter Prince
byMezzo Labs
 
Attribution or Misattribution? How to make digital measurement less awful - N...
byMezzo Labs
 
What can Artificial Intelligence (AI) offer to Attribution Modelling? - Dimit...
byMezzo Labs
 
Lindsay McEwan, VP & MD EMEA, Tealium - The Martech Industry and Your Data - ...
byMezzo Labs
 
Adrian Kingwell, Managing Director, Mezzo Labs - 350 days to Armageddon
byMezzo Labs
 
Alex Gallagher, Future Finance - Targeting Audiences Wherever They Are
byMezzo Labs
 
Aliur Rahman, Experian, - Setting up an Optimisation Function
byMezzo Labs
 
Steve Keightley, Head of Optimisation, Mezzo Labs - Data-Driven Optimisation
byMezzo Labs
 
Nick Fleetwood, Head of Financial Services, Oracle’s Maxymiser - Optimization...
byMezzo Labs
 
Adrian kingwell, Mezzo Labs - Making Data Personal
byMezzo Labs
 
Ali White, Calltracks - Tracking online traffic to offline sales
byMezzo Labs
 
JP Luchetti, Mubaloo - How data defines mobile strategy
byMezzo Labs
 
Adrian Kingwell, Mezzo Labs - App Analytics
byMezzo Labs
 
Lee Suker - What is a DMP
byMezzo Labs
 
Andy Walker - Creating Order from Chaos - Integrating Online with Offline (In...
byMezzo Labs
 
Jamie Brighton - Personalization Spectrum
byMezzo Labs
 
Increasing Audience Engagement - Chris Moss
byMezzo Labs
 
Is personal shopping personal enough yet? - Simon Bloom
byMezzo Labs
 
Insurance, Customers and Data - Alan Sanderson
byMezzo Labs
 

Recently uploaded

PPT
Acids and alkalis ppt.ppt SVfhasvas jhsvdhsvduisa
byleonciaamolato001
 
PDF
OLAP (Online Analytical Processing) is a technology used for quickly analyzin...
bykibreabtsigabu16
 
PDF
Steven Imrisek | Quantitative UX Research Portfolio: Two Digital Health Case ...
bysteven180178
 
PDF
The Hidden Risks in Linux Power Monitoring and How to Fix Them
byNiCE IT Management Solutions GmbH
 
PPT
Data Structures in java programing and ICT.ppt
byCarlos701746
 
PPTX
Engineering Project Proposal by Slidesgo.pptx
bythub2306144
 
PPT
fgfdgdgdgdfgerst4t4tqwweqe3eawdsfsdsdsdd
bymohamedtarekabdelrou
 
PPTX
Correlation-Regression analysis -16.11.25.pptx
byFahmida Swati
 
PPTX
2B.Carbon-Neutral Technologies and Negative Emission Strategies for Net-Zero ...
byrameshkumar01430
 
PDF
The Gemini Advantage: A Strategic Overview of Google’s Multimodal AI Ecosystem
byRohit Garg
 
PPTX
Chapter-2 cyber security data sources.pptx
bySenaitDesalegn2
 
PDF
Interpretability and Explainability Module 4.pdf
byShiwani Gupta
 
PDF
Google Gemini Learning Guide - Generating Text, Vision Model, and Embeddings ...
byRohit Garg
 
PDF
MariaDB Monitoring for Enhancing Performance, Availability, and Security
byNiCE IT Management Solutions GmbH
 
PDF
2022.05.20_Presentazione_Luca-Ginnari-Satriani_Impurities.pdf
byFbioTeixeiradaSilva
 
PPTX
Pollution_Assignment_GurveerKaur_1112.pptx
bydeeppc8900
 
PPT
Java Swing in java object oriented progaming.ppt
byCarlos701746
 
PDF
IIT JEE 2026 Complete Study Planner.pdfg
byniknikhi905
 
PPTX
ammonia process.pptx Amisha Group 7.pptxAmisha Group 7.pptxAmisha Group 7.pptx
byrameshkumar01430
 
PDF
From Microsoft SCOM to Dashboards | Grafana, SquaredUp, Power BI, Azure Workb...
byNiCE IT Management Solutions GmbH
 
Acids and alkalis ppt.ppt SVfhasvas jhsvdhsvduisa
byleonciaamolato001
 
OLAP (Online Analytical Processing) is a technology used for quickly analyzin...
bykibreabtsigabu16
 
Steven Imrisek | Quantitative UX Research Portfolio: Two Digital Health Case ...
bysteven180178
 
The Hidden Risks in Linux Power Monitoring and How to Fix Them
byNiCE IT Management Solutions GmbH
 
Data Structures in java programing and ICT.ppt
byCarlos701746
 
Engineering Project Proposal by Slidesgo.pptx
bythub2306144
 
fgfdgdgdgdfgerst4t4tqwweqe3eawdsfsdsdsdd
bymohamedtarekabdelrou
 
Correlation-Regression analysis -16.11.25.pptx
byFahmida Swati
 
2B.Carbon-Neutral Technologies and Negative Emission Strategies for Net-Zero ...
byrameshkumar01430
 
The Gemini Advantage: A Strategic Overview of Google’s Multimodal AI Ecosystem
byRohit Garg
 
Chapter-2 cyber security data sources.pptx
bySenaitDesalegn2
 
Interpretability and Explainability Module 4.pdf
byShiwani Gupta
 
Google Gemini Learning Guide - Generating Text, Vision Model, and Embeddings ...
byRohit Garg
 
MariaDB Monitoring for Enhancing Performance, Availability, and Security
byNiCE IT Management Solutions GmbH
 
2022.05.20_Presentazione_Luca-Ginnari-Satriani_Impurities.pdf
byFbioTeixeiradaSilva
 
Pollution_Assignment_GurveerKaur_1112.pptx
bydeeppc8900
 
Java Swing in java object oriented progaming.ppt
byCarlos701746
 
IIT JEE 2026 Complete Study Planner.pdfg
byniknikhi905
 
ammonia process.pptx Amisha Group 7.pptxAmisha Group 7.pptxAmisha Group 7.pptx
byrameshkumar01430
 
From Microsoft SCOM to Dashboards | Grafana, SquaredUp, Power BI, Azure Workb...
byNiCE IT Management Solutions GmbH
 

Raoul Lumb, Data Protection Lawyer, Simons Muirhead & Burton - The Letter of Law

  • 1.
    The Letter ofthe Law Raoul Lumb
  • 2.
    THE LETTER OFTHE LAW BY RAOUL LUMB
  • 3.
    THE WHAT? • The“General Data Protection Regulation” • European Regulation – replacing the Data Protection Act • Does not replace the PECR (Privacy & Electronic Communications Regulations) • Implementation 25 May 2018
  • 4.
    HOW DOES ITWORK? • Maintains the eight Data Protection Principles: • “Fair and Lawful” (the ‘conditions’ for processing) • “Purposes” • “Adequacy” • “Accuracy” • “Retention” • “Rights” of data subjects • “Security” • “International Processing” • Adds significant new fines (4% global turnover or €20 million) • Adds extensive new duties
  • 5.
    WHAT ARE THEIMPLICATIONS FOR MARKETEERS? • E-mail, Text, Telephone marketing – new standard of ‘consent’ • Opt-in now obligatory • Opt-in must be voluntary • Consideration of Principle 2 in all circumstances • Data Processors (i.e. marketeers) can now be held liable per Article 82 • Much of the risk can be mitigated by effective contracts
  • 6.
    STORAGE OF RECORDS •Duty to build in data protection by “Design & Default” • Consideration to be given to ‘pseudonymisation’ • Need to be able to respond to subject access requests: • How was data obtained? For what purpose? When? • Need to be able to respond to new stop/update/erasure requests • Reporting of breaches now essentially mandatory within 72 hours
  • 7.
    REPORTING AND RECORDKEEPING • Boring but important – new records of processing must be kept • Consider mapping ‘data-flows’ • All contracts appointing/engaging as a Data Processors must meet new requirements • Impact assessments to be performed before any significant new processing • Encryption to be seriously considered