|
|
The primary reason that the text and Recitals of the GDPR uses the term “pseudonymized data” rather than “anonymized data” is largely one of pragmatism. It’s very difficult to completely remove all identifying information about a user. Truly anonymized data falls outside the jurisdiction of the GDPR, but given that it’s highly unlikely many data controllers would either be able or willing to truly and completely anonymize their users’ data, the GDPR uses the definition of pseudonymous data instead. It’s also worth noting that, according to one particularly well-cited study, approximately 87% of American adults could be accurately and uniquely identified using just three data points — date of birth, gender, and a five-digit zip code — using publicly available census data, a sobering statistic that highlights why such robust pseudonymization measures are needed, particularly in light of large-scale data breaches such as the Equifax security incident. 9.
What is ‘Affirmative Consent’ in the Context of the GDPR? Many marketers will already be Benin WhatsApp Number familiar with the concept of affirmative consent, a principle that states individuals must, for example, give their express permission to a company before it can add that person to a mailing list. This is the “opt-in” approach. 10 things you need to know about the EU GDPR opt-in marketing concept Image via Mailchimp Under the GDPR, affirmative consent laws will be strengthened. This means that companies that conduct business with EU nationals will no longer be able to bury hidden clauses in lengthy, verbose terms of service agreements or otherwise obscure their intentions through legal trickery. The GDPR states that EU nationals must not only give their express permission before a company can process or store their data, but also that companies must provide EU nationals with clear, easily understood opt-in processes that expressly state how users’ data will be stored, processed, or used.
What About Affirmative Consent for Minors? Many companies deal with minors during the course of their business operations. App developers, entertainment websites, and other kinds of businesses routinely handle data pertaining to minors, and the GDPR has specific guidelines on how this data should be handled. Affirmative parental consent is vital to collecting, storing, or processing the personal data of EU nationals under the age of 13. Data controllers must be able to demonstrate that affirmative parental consent was granted upon request, and it’s important to note that this consent can be withdrawn at any time – as is the case with consent to permit adults’ personal information to be processed. 10.
|
|
發表於 2024-3-7 19:28:31