Difference between revisions of "GDPR/Meeting Notes 2019-01-14"

Revision as of 20:31, 14 January 2019

Date: Monday, 14 January 2019 from 7:00pm to 9:00pm iCal
Meetup Event: https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/255516932/
Location: *** Room 1300 *** -- Conrad Grebel University College, 140 Westmount Rd. N., Waterloo, Ontario Map
Event Announcement: GDPR/Announcement 2019-01-14

Does your Non-Profit organization collect personal data on people? People in Europe? And what is Personal Data anyway? Does your organization have an office in Europe? Store data in Europe? Process data in Europe? What is the General Data Protection Regulation (GDPR)? Does it apply to your organization? What policies does your organization need to have? What technical measures need to be in place? What's the SysAdmin's role in all this? Could a SysAdmin be liable?

Marc Paré will provide us with an overview of the GDPR, and outline some of the concerns for Non-Profit SysAdmins.

--Marc Paré & Bob Jonkman

GDPR/Meeting Notes 2019-01-14

Resources

Meeting Notes

Don't take our words as legal advice!

Some websites closed down rather than violate GDPR
Each country in EU needs to appoint its own GDPR Commissioner
Started last year (25 May 2018)
- People had several years to comply before 2018
- But European commission is not yet up-to-speed on everything, still working on enforcement and compliance

Personal websites don't fall under GDPR
- Unless you're selling goods or services to European markets
- If you don't expect visitors from Europe you should be OK
- But GDPR exceeds boundaries, even non-European sites need to follow that law

Controllers: Collect the data, set standards to determine what data to collect (eg. Google)
Processors: Websites that don't necessarily use the data, but collects data from other sites (eg. banner ads)

Even temporary receipt of data falls under GDPR
- KWNPSA site might be under GDPR, WordPress requires cookies
  - Marc has added a cookie disclaimer to https://kwnpsa.ca
  - The cookie form cannot be pre-checked
  - Newsletter subscriptions require double opt-in (subscribe, then confirm)
    - We can no longer add people's names without written permission, or subscribing with an opt-in
- Fines might be 20,000,000 Euros, or 4% of your profits

Subtopic

Point
Point
- Sub-Point

Subtopic

Point
Point
- Sub-Point

Back to: GDPR

@@ Line 8: / Line 8: @@
 ==== Meeting Notes ====
+* Don't take our words as legal advice!
+* Some websites closed down rather than violate GDPR
+* Each country in EU needs to appoint its own GDPR Commissioner
+* Started last year (25 May 2018)
+** People had several years to comply before 2018
+** But European commission is not yet up-to-speed on everything, still working on enforcement and compliance
+* Personal websites don't fall under GDPR
+** Unless you're selling goods or services to European markets
+** If you don't expect visitors from Europe you should be OK
+** But GDPR exceeds boundaries, even non-European sites need to follow that law
+* Controllers: Collect the data, set standards to determine what data to collect (eg. Google)
+* Processors: Websites that don't necessarily use the data, but collects data from other sites (eg. banner ads)
+* Even temporary receipt of data falls under GDPR
+** KWNPSA site might be under GDPR, WordPress requires cookies
+*** Marc has added a cookie disclaimer to https://kwnpsa.ca
+*** The cookie form cannot be pre-checked
+*** Newsletter subscriptions require double opt-in (subscribe, then confirm)
+**** We can no longer add people's names without written permission, or subscribing with an opt-in
+** Fines might be 20,000,000 Euros, or 4% of your profits
 ===== Subtopic =====
 * Point

Difference between revisions of "GDPR/Meeting Notes 2019-01-14"

Revision as of 20:31, 14 January 2019

Contents

GDPR

Resources

Meeting Notes

Subtopic

Subtopic

Navigation menu

Search