Snap Inc. announces GDPR compliance, adherence to privacy by design principles

Share

As enigmatic as it is ephemeral, Snapchat has admittedly been more open about its operations and data since its IPO previous year. Even if you don't live in any of the countries there, it looks like most of the tech companies are implementing changes to global users as well.

The GDPR applies to any organizations that either offer goods and services to European Union citizens or who monitor their behavior, such as tracking an individual's internet activity to generate a profile of personal preferences.

A GDPR call center plan for agent training also needs to focus on changes that might affect customers and users.

The GDPR regulations can be broken down into two main categories: Privacy and Data Protection/Security. "Personal data" in this context means data relating to a living individual who can be identified from that data, or can be identified from that data taken together with other information that we hold or we may be likely to obtain. The GDPR requires companies to notify supervisory authorities and, in some cases, data subjects after a breach. It may be necessary to fulfill a contract, fulfill an obligation, or other legitimate interests or consent. Rigorous requirements for consent to retain and use Personal Data apply, which essentially reject consent by omission or inaction-consent by silence, pre-filled boxes, or inactivity will not constitute consent.

Separately, while users have always been able to opt-outs of all targeting based on Snap's third-party data - ie ads from brands that are using the platform's pixel to measure and retarget ads across the internet - they can now do so via few swipes in the app. However, it will ultimately shut off certain data collection and targeting for users in this age group, including location data. The anonymization of data along with the necessary explanation of what objective this collection has can ensure compliance. It may also be collected by the show producer to track sessions and award CEU/CME credits.

While these rights require processes to be in place to ensure they are met, the ICEAW explains that not all the rights are absolute.

An individual also has several other important privacy rights.

"Hackers are constantly improving their ability to find loopholes in the common frameworks and appScatter can assist by allowing the security of the systems to be analysed, looking at areas such as weaknesses in stack security to ensure they are not outdated and looking at all frameworks and systems are up-to-date".

Over a quarter (27%) could not correctly answer questions about the time-frame they have before informing authorities about a data breach.

The GDPR speaks of Data Protection by Design and Default.

Commonwealth Games: Missing African athletes granted visas
He expressed doubt that the Department of Immigration and Border Protection would be able to issue protection visas fast enough. They were said to have absconded over three consecutive nights. "The reality is that assistance is unfunded".

Snapchat, however, was already built for this; meaning it's unlikely to see any short term drop off when it comes to ad revenues or users being turned off by GDPR repermissioning requests.

The deadline has to do with the General Data Protection Regulation (GDPR), and numerous US businesses have been working hard to become compliant to avoid stiff penalties.

Processor: the person or organisation who acts on the controller's instruction. It can include name, date of birth, address details, photographs, email address, bank details, social networking accounts and IP address.

So, what is required?

Under GDPR firms user consent, use of their personal data must be freely "given, specific, informed and unambiguous".

The GDPR will require US businesses covered by the GDPR to adopt a new framework for identifying, tracking, managing and protecting Personal Data in accordance with GDPR requirements.

We take the responsibility of looking after personal data in our possession seriously.

Kerri Crawford, senior associate for Norton Rose Fulbright's Johannesburg office, created the GDPR chatbot in conjunction with the firm's European data protection team.

The GDPR goes into law on May 25.

Share