Dynamic Earth, Dynamic digit.fyi, Dynamic GDPR
Posted on 7th December 2018
Sorry, that’s one of the corniest headlines of the year. That said, the digit.fyi GDPR event at Dynamic Earth in Edinburgh on Wednesday was very good (to be fair, this applies to all their events). Our marketing team (OK, one of them) spent the day there, attending a number of the sessions and generally doing what he’s paid for…
Ken Macdonald, ICO Head of Regions, was the first speaker in the plenary sessions. His overview of the GDPR landscape was comprehensive and interesting. He explained that, unsurprisingly, the ICO has had its busiest ever period in 2018, largely due to the requirements of the new legislation. Scare stories in the media, notably about the requirements for garden allotments, led to a lot of panic calls to the ICO in the run-up to the May deadline. As he pointed out, not everything has to have consent under GDPR, but many companies thought that it did.
More pertinently, he noted that the ICO is trying to organise and educate everyone about GDPR. Essentially, it’s important to regulate every situation where personal data are processed. Serious breaches need to be reported to the ICO but not minor ones. If anyone is in doubt, he advised looking at the ICO website for guidance.
He also explained about the ICO Objectives, namely:
- To respond swiftly and effectively to breaches
- To be effective, proportionate, dissuasive and consistent in their application of sanctions
- In line with legislative provisions, promote compliance with the law.
- To be proactive in identifying and mitigating new or emerging risks; and
- To work with other regulators and interested parties constructively
Finally, he brought our attention to an emerging issue. Facial recognition technology is increasingly being used for a variety of purposes and, clearly, is classified as “personal data” - as such, its use has to be proportionate and legal.
Other noteworthy sessions included Ivana Bartoletti of Gemserv, talking about Privacy, Ethics and Big Data. We were particularly interested to hear what she has to say about AI and the use of data analytics to make “better” decisions for recruitment. Essentially, she was saying that organisations should consider the ethical dimension to machine made decisions and implement a policy (within the AI structure) that delivers this.
A few other key facts from other sessions were also of interest, especially the possibility of a 1.5m shortfall in cyber security people by 2029, with the suggestion that AI may, by necessity, replace many of these jobs. We were also alarmed to hear that there are databases of over 500m breached passwords, with 10K more being added every day, and that between 40% and 60% of all companies have at least one breached password. The move away from traditional (upper case, lower case, characters) passwords is a good one, but many people persist in using the same password for everything, oblivious to the risks.
Finally, the session on Best GDPR Practice from the Marketing Frontline threw up some other interesting stats, to wit: 50% of consumers don’t want their personal data used at all; 72% of consumers think businesses, not government, are best equipped to protect them; and, perhaps a surprise (?), 60% of 16-18 year olds trust a machine over humans to protect their data/privacy.
So if you thought that GDPR was all done and dusted, we have news for you – it isn’t!
Stuart Alexander, Be-IT
Posted in News
.. Back to Blog