Lundi, 18 Février 2019
Latest news
Main » Oculus announces new privacy dashboard and policy ahead of new European regs

Oculus announces new privacy dashboard and policy ahead of new European regs

20 Avril 2018

The GDPR is all about forcing organisations to be more open, transparent and accountable. This means that GDPR could apply to anyone working in a company, charity, government or IT firm. The company told Reuters it made the change "because European Union law requires specific language". If the United States company were to certify that it complies with the framework, it may either: (a) make that certification through a self-assessment; or (b) engage a third-party to conduct the assessment. However, that is only if they have at least made progress on this complex compliance project, with policies and detailed plans in place; good faith efforts underway to implement them; and staff training in the works.

Explaining the impact this misinterpretation could have on Middle East businesses, she said, "This is quite simple- if a Middle East business stores or processes data of any individual who might be in the European Union at some time, they should prepare for GDPR compliance". Expert data protection officers (DPOs) must be appointed and sufficiently resourced by organizations that engage in large-scale systematic monitoring.

It's clear that in recent years consumers have been exploited by dodgy data-collection practices.

"When you visit a site or app that uses our services, we receive information even if you're logged out or don't have a Facebook account", David Baser, Facebook's product management director, stated in a blog post. Companies will also only be able to collect data for specific business purposes.

With the General Data Protection Regulation (GDPR) deadline quickly approaching in May, many organizations are scrambling to get their customer information systems in order to meet the requirements. You only need to look at the Facebook and Cambridge Analytica scandal to realise people are finally waking up, with concerns about how their personal data is being used. The other primary goal was to create regulatory uniformity across the EU.

Defining data standards and rules is not only a technical task; it also requires an understanding of the data and a grasp of business requirements and legislation. Additionally, the measures used to secure data, such as encryption in transit and in temporary storage, must be documented.

If you can convey the message that data protection is important to your business, that GDPR compliance is not merely an inconvenience but that you take the personal data you hold extremely seriously, your company will earn market trust and respect. Companies not technically mandated to do this should still consider the value of hiring a privacy overseer and having this person sit on the board.

Facebook reportedly released a new terms of service draft two weeks ago and expect to have them take effect sometime next month, most likely before Mat 25th when the GDPR comes into effect.

An issue in such events is that each jurisdiction has different requirements regarding the notification of authorities and the subjects of the data breach. And it doesn't hurt that the consequences for running afoul of GDPR are so massive, he added.

If people's rights are ignored, the fine could reach up to €20 million (£17m) or four per cent of your global annual turnover, whichever is higher. Other companies, however, are not so lucky. Among many other things, the new regulation will give customers and end users more access control to their data than ever before. Both cloud providers and cloud tenants need to be GDPR compliant, and Microsoft is making sure it's covered.

With the "right to data portability" organisation now have a way of showcasing their transparency and honesty. Marketing organizations must receive consent information, record how and when it was collected, and decipher the context of the permission. By fostering the right processes, GDPR could, in fact, turn out to be an opportunity to enhance the customer journey.

Further, the GDPR clearly states that processors should carry out processing under a contract or pursuant to law which legally binds the processor to the controller, which means that it is an IT contractors best interests to clarify the scope of the relationship in writing and ensure that their position is well protected.

Oculus announces new privacy dashboard and policy ahead of new European regs