GDPR technology - compliance with the anonymity of users

30.05.18 в 08:20 other 935

On 25.05.2018, the General Regulation of the EU GDPR, which establishes updated norms for the use of personal data of private persons, enters into legal force. The changes concern the requirements for ensuring the privacy of users residing in the territories of the EU states. In this case, both European companies with Internet resources and foreign ones will be checked, among users of which there are residents of EU member states.

The scope of the GDPR

Regardless of the territorial location of the companies, if its customers are EU citizens, they will be subject to requirements and appropriate sanctions (in the form of fines of up to 20 million euros) in the event of their failure to comply. This also applies to organizations that have European branches abroad.

In addition to the use of personal information, the GDPR regulations impose restrictions on monitoring the behavior of citizens of EU countries in the Internet network, aimed at determining individual taste and consumer preferences. In this case, the rules apply to Internet resources used for trade and distribution of goods. According to the rules, the user should be warned about monitoring his behavior on the site or be able to access it in a short time.

Principles of GDPR technology

Accordingly, the GDPR methods for the implementation of personal data must meet the following requirements:

  • Security and confidentiality. In the process of using information about users, it is necessary to protect it from theft, modification or deletion.
  • Urgency of storage. The collection and storage of personal data is carried out within the timeframe necessary to perform the targeted processing of this data.
  • Legitimacy and openness. All manipulations aimed at the use of data are carried out in accordance with the current EC legislation in an atmosphere of openness and accessibility.
  • Minimization of collection. Information is collected strictly in the amount required to achieve the objectives of the collection.
  • Reliability of information. Personal data is correct, and if any inaccuracies are detected, they are deleted.
  • The target fee. Personal data of users are collected and implemented according to the purposes of their receipt.


Primary requirements

The new GDPR technology provides for a number of requirements that will be presented to the Internet resources of organizations that have in their target audience citizens of EU countries.

The condition for the fulfillment of the rights of the owner of personal data

The technology stipulates the new right of EU citizens to request the company about the use of personal data, their nature, the degree of anonymity of the user on the site, the amount of information and obtaining documented confirmation. Information is provided when and for what purposes personal data can be delivered to third parties.

Now there will be a new opportunity to delete data, according to which the owner will be able to apply for the destruction of all information about himself. Under the new rule, data is destroyed in its entirety, ensuring complete anonymity of the user.

Notify of violations of the regulations of the GDPR

In case of loss or theft of personal data received, the representatives of the organization are obliged to notify the relevant regulatory bodies within 72 hours. Occasionally, this is also done with respect to the data owners themselves.

The obligation to transfer information to third-party companies at the request of the owner

This requirement is also introduced for the first time and is the right of the subject of personal data to provide him with an electronic copy of information about him for the transfer of its third-party organization. This innovation will significantly save time the owner of the data and increase the level of transparency under the regulations of the GDPR.


Request the owner to consent to the use of data.

The technology of the GDPR establishes strict rules for obtaining consent for the collection and processing of personal data by organizations. The form to be filled out is specified, the motives of the data owner must be clearly understood from its content. In this case, any psychological or manipulative influence will be considered a violation in order to provide the person with such consent. The organization should provide for the ability to quickly demonstrate evidence of obtaining consent.

There is a prohibition on the use of forms that knowingly mislead the visitor of the site, the use of automatically filled fields. In addition, when a resource is visited, the subject's consent to monitoring can not be expressed in silence. The fact of granting consent to the processing of personal data should be communicated to the data subject and fixed in a form that will allow its subsequent confirmation by the controller.

Protection of personal data of children

Children of adolescence who use Internet resources are often not familiar with the rules for the implementation of personal data. The GDPR prescribes special conditions for obtaining consent in children 13-16 years of age. The consent form must also be filled in by the child's parents.

The presence of the person responsible for the privacy of users

Companies performing large-scale monitoring of the audience are obliged to have an employee in the staff who will be responsible for the safety of personal data of users, regulate the processes of their collection and processing.


Implementation of the GDPR

If the target audience of the company includes persons residing in the countries of the European Union, then the organization should conduct a comprehensive analysis of measures, methods used to comply with the requirements of the regulations of the GDPR. If new technology discrepancies are discovered, better strategies should be developed for data collection, processing and storage. A necessary step is the modernization of the site with the introduction of new forms to clarify the agreement with the data processing procedure, the addition of appropriate sections with the availability of information on methods for analyzing and storing personal information of users.

In addition to working on Internet resources, it may be necessary to introduce new employees into the campaign staff, performing the necessary work to ensure the privacy of users. Running the maintenance of the relevant documentation containing information on the personal data of users, how to implement personal data.

The next step will be the creation, as well as the improvement of algorithms for responding to user requests for the provision of information about personal data, procedures for processing applications for the transfer and destruction of private customer data.

In the modern world, the issue of protecting personal data comes to the fore. Legislation of individual countries toughens measures aimed at satisfying the rights of users. The new GDPR technology from 05/25/2018 accentuates the requirement of anonymity of users. Satisfaction with the rules of this regulation will allow individual world organizations and companies to obtain the right to operate on the territory of the EU countries and on the digital international market of the European Union. Compliance with the requirements for the observance of the privacy of users increases the level of trust of the target audience, allows to secure both the client and the organization.

评论

登录来发表评论

热门

伴随着会联网的广泛使用,随之带来一系列的危险。首先涉及到匿名和安全性。如果信息不设防范手段,您的数据很可能被入侵 — 这里举个例子,关于在公用网络中的私人的信件。

最初的互联网预想让空间没有国界化,无论在在那里都可以绝对匿名地获取任何信息。现在很多国家都出现了禁止访问某些资源的情况 。

25日
12月 2017

当今世界保证私人和企业的秘密数据变得越来越困难,所以信息安全的问题变得的越演越烈。每个人都拥有生存、自由和人身安全的权力。保护自己的数据免受入侵,和第三方的调查是没有任何原因的。如果您想在网络上安全地保存自己的信息,就不得不去遵守那些规则。本文就来介绍下基本的方法、手段和常用的程序,当然最主要的是互联网的安全使用。

In the recent past by the standards of the development...

Good afternoon! Now we are talking about such an important...

最新

So, it happened! Rumors, which excited the IT community for...

Attack on crypto-currencies from the states. From the ban on...

The new Regulation of the GDPR on tougher measures to...

The methods of "classic" hacking change after security systems, but...

​The most common methods for organizing network anonymity are the...

联系我们
有问题吗?

在这儿点击,我们就回答