product@dailybot.com
Run successful remote and hybrid teams
http://rocka.co
LET'S BUILD TOGETHER
GDPR
General Data Protection Regulation
What is GDPR?
The General Data Protection Regulation (GDPR) standardizes data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information (PII). It also extends the protection of personal data and data protection rights by giving control back to EU residents. GDPR replaces the 1995 EU Data Protection Directive, and goes into force on May 25, 2018. It also supersedes the 1998 UK Data Protection Act.
Tech requirements GDPR
LET'S BUILD TOGETHER
- “Forget me” (the right to erasure)
- Data destruction (data minimization principle)
- Mark profile as restricted (right to restriction of processing)
- Export data (right to portability)
- Allow profile editing (right to rectification)
- Consent checkboxes • Age checks
- “See all my data” (right to access)
Forget me
LET'S BUILD TOGETHER
Delete all data relating to a user
- Void forgetUser(UUID userId)
- Useful for integration tests
What about foreign keys?
- Allow nullable foreign keys
- Anonymize user (leave only ID)
- Cascade delete
Forget me
LET'S BUILD TOGETHER
Notify 3rd parties / call 3rd parties APIs:
- CRMs, Payment gateways, etc. - Return 404 for indexable pages
Backups – store anonymized IDs separately
Restrict processing
LET'S BUILD TOGETHER
Mark user as “restricted”
- Boolean database column
- Button on profile page “restrict processing of personal data”
- Button on admin page
Don’t show in searches, don’t send emails, don’t include in automated processing
• Mark as restricted in 3rd party systems (e.g. with a custom field)
• Don’t show on public pages / 404
• Why?
• Edge cases: user objects to erasure;
Export data
LET'S BUILD TOGETHER
- Right to data portability (no vendor lock-in; in theory)
- Formats: JSON, XML, CSV or other standards
- Schema: prefer schema.org
- Could be a background process that sends email when done
- Could be a manual process (easier to get compliant)
- All personal data + all data, associated with the user (orders, messages, etc.)
- Logs? No
- Data from 3rd party systems? Yes
- they should have that functionality as well
Editable user profile
- Right to rectification
- All personal data fields should be editable
- Could be a manual support process: “please fix my name or my email”
- Data obtained from 3rd parties
- If email/phone is included, user should be able to modify email/phone
- If not – manual process
LET'S BUILD TOGETHER
Ask for consent
- No more “I accept the Terms and conditions and the privacy policy”
- Unchecked checkbox for each processing purpose on registration
- Data processing business processes to be listed in a register
- User should be able to withdraw consent from the user profile page
- If data is used for machine learning, get explicit consent for that
- Store consent in a secure way
- Consents table with boolean field and timestamping
- Re-request consent for existing users via email
- Oral consent (Accept by phone call)
LET'S BUILD TOGETHER
See all my data
Data should be displayed in the regular UI of the application Allow non-registered users to check if you have data about them - Confirm email - Show the processing records from the register
LET'S BUILD TOGETHER
Age check
On registration ask for age / date of birth / (checked) checkbox “I’m older than 16”
• Ask parent for consent
LET'S BUILD TOGETHER
Limit data retention
- Don’t store data for longer than “necessary”
- Database column for “data retention deadline”
- Scheduled job to delete/anonymize/pseudonymize data that past its deadline
- Deadline vs confirmation event, e.g. “goods delivered”
- Applicable to “purchase without registration”
- Theoretically applicable to registered users
- In practice: “I agree to having my address stored for the purpose of not entering it again on subsequent purchases”.
LET'S BUILD TOGETHER
Do's
LET'S BUILD TOGETHER
Best practices for protect data sensitive
-
Restrict access to production data servers… -
Encrypt the data in transit -
Encrypt the data at rest -
Encrypt your backups -
Implement pseudonymisation -
Protect data integrity -
Log access to personal data -
Register all API consumers
Don’t’s
LET'S BUILD TOGETHER
Bad practices for protect data sensitive
- Don’t put fields on the registration/profile form that you don’t need
- Don’t use data for purposes that the user hasn’t agreed with
- Don’t assume 3rd parties are compliant (Verify that the service complies with data protection)
- Don’t log personal data (Save data in sql and send to others, or save data in csv or xls to send)
- Don’t dump personal data on public servers/buckets
Business requirements for GDPR
LET'S BUILD TOGETHER
- Audit data across Company products
- Identify and eliminate the big risks
- Revise privacy policies of Company and its products
- Data processing procedures
-
Training for Comany staff
-
Delegate CDO
LET'S BUILD TOGETHER
rocka.co
juan@rocka.co
Juan Camilo Zuluaga
Backend Developer
GDPR
By product@dailybot.com
GDPR
introduction to new General Data Protection Regulation
