The Developer’s guide to GDPR

Develop robot applications in compliance with the latest European regulation on data protection and privacy

This quick how-to provides a first approach to the main principles of the European General Data Protection Regulation (GDPR) and the different points of attention to consider when developing and deploying applications for Pepper and NAO robots that respect the privacy of users.

1. Be aware of the GDPR core principles

Personal data is any information which is related to an identified or identifiable natural person.

Processing means any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

A data controller is the person or organisation that determines the purposes and the means by which personal data is processed. When a company or organisation decides "why" and "how" personal data is processed, it is the data controller, and it is responsible for making sure that processing complies with the GDPR.

  1. Accountability: each data controller is responsible for its processing and must be able to demonstrate that it is compliant, and shall always keep the following two principles in mind when processing:
    • Privacy by design: privacy by design is embedded into the design and architecture of IT systems. Any action you undertake that involves processing personal data must be done with data protection and privacy in mind at every step. Privacy is not bolted on as an add-on, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered. Privacy is integral to the system without decreasing functionality.
    • Privacy by default: means that once a product or service has been released to the public, the strictest privacy settings should apply by default, without any manual input from the end-user.
  2. Lawfulness, fairness and transparency
    • For the processing of personal data to be lawful, specific grounds for the processing (‘lawful basis’) must be identified
    • Fairness means that processing must be done in ways that people would reasonably expect and not in ways that have unjustified adverse effects on them.
    • Transparent processing means being clear, open and honest with people from the start about who you are and how you process data. Informing individuals in an easily accessible and understandable language is the key, whether the controller has a direct relationship with the individual or not.
  3. Purpose limitation: collect personal data for a specified, explicit purpose and do not process it further for a purpose incompatible with the original one
  4. Data minimisation: process only the personal data you need, never more than you need
  5. Accuracy: the personal data you process must always be accurate and up-to-date
  6. Storage limitation: program an automatic erasure date/period for the personal data once the purpose is fulfilled, and never store personal data longer than needed (except when required under law)
  7. Integrity and confidentiality (security): take all organizational and technical measures to protect personal data against unauthorized or illegal processing, data loss, destruction or accidental damage. Make sure only the need-to-know people have access to the personal data
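The principles of purpose limitation, data minimisation and storage limitation can be enforced in code rather than left to policy. The following is an added example, not code from this guide and not part of the NAOqi SDK; it uses only the Python standard library. The purposes, field names and retention periods in PROCESSING_REGISTER are hypothetical, as is the sample visitor data in demo().

```python
"""Minimal record-of-processing with retention enforced at write time.

Added example (not from the original guide, not NAOqi code). Every stored
record is tied to a declared purpose; fields outside that purpose are refused
(data minimisation), and each record carries an expiry computed from the
purpose's retention period (storage limitation).
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# Record of processing activities (hypothetical purposes and periods):
# each purpose lists the only fields it may store and how long they are kept.
PROCESSING_REGISTER = {
    "greet_returning_visitor": {
        "fields": {"display_name", "face_id"},
        "retention": timedelta(days=30),
    },
    "session_analytics": {
        "fields": {"session_length_s"},
        "retention": timedelta(days=1),
    },
}


class PurposeViolation(ValueError):
    """Raised when data is stored for an undeclared purpose or with extra fields."""


@dataclass
class Record:
    subject_id: str
    purpose: str
    data: Dict[str, str]
    stored_at: datetime
    expires_at: datetime


class PersonalDataStore:
    def __init__(self, register=PROCESSING_REGISTER):
        self._register = register
        self._records: List[Record] = []

    def store(self, subject_id: str, purpose: str, data: Dict[str, str], now: datetime) -> Record:
        spec = self._register.get(purpose)
        if spec is None:
            raise PurposeViolation(f"undeclared purpose: {purpose}")
        extra = set(data) - spec["fields"]
        if extra:  # data minimisation: refuse fields the purpose does not need
            raise PurposeViolation(f"fields not needed for {purpose}: {sorted(extra)}")
        rec = Record(subject_id, purpose, dict(data), now, now + spec["retention"])
        self._records.append(rec)
        return rec

    def purge_expired(self, now: datetime) -> int:
        """Storage limitation: drop every record past its retention date."""
        before = len(self._records)
        self._records = [r for r in self._records if r.expires_at > now]
        return before - len(self._records)

    def erase_subject(self, subject_id: str) -> int:
        """Right to erasure: remove everything held about one person."""
        before = len(self._records)
        self._records = [r for r in self._records if r.subject_id != subject_id]
        return before - len(self._records)

    def records_for(self, purpose: str) -> List[Record]:
        """Purpose limitation: only hand out data for the purpose it was collected for."""
        return [r for r in self._records if r.purpose == purpose]

    def __len__(self) -> int:
        return len(self._records)


def demo():
    """Constructed scenario: two records for one visitor, one refused write, one purge, one erasure."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    store = PersonalDataStore()
    store.store("visitor-1", "greet_returning_visitor",
                {"display_name": "Alice", "face_id": "f7c2"}, t0)
    store.store("visitor-1", "session_analytics", {"session_length_s": "95"}, t0)
    # Collecting a face id under the analytics purpose is refused at write time.
    try:
        store.store("visitor-2", "session_analytics",
                    {"session_length_s": "40", "face_id": "9a1b"}, t0)
        rejected = False
    except PurposeViolation:
        rejected = True
    # A day later only the analytics record has expired; the greeting record stays.
    purged_day1 = store.purge_expired(t0 + timedelta(days=1, seconds=1))
    remaining = len(store)
    erased = store.erase_subject("visitor-1")
    return rejected, purged_day1, remaining, erased


if __name__ == "__main__":
    print(demo())
```

On a robot the purge would run on a timer (for example at start-up and once a day) so that erasure happens automatically, as the storage limitation principle requires, rather than waiting for a manual clean-up.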

2. Map and categorize the data and processing in your app

In a GDPR context, data mapping means documenting which personal data your app collects (for example names learned in dialogue, face images or audio from the robot's sensors), from which source, for which purpose, where it is stored, who can access it and for how long it is kept. The goal is to minimise what you collect: if a data item has no documented purpose, do not collect it. Keeping this inventory as a record of processing activities also gives you the documentation the GDPR expects from a controller.

3. Prioritize the required actions

Identify the actions required to comply with the obligations of the GDPR prior to development, and prioritize the attention points with regard to the risks the data subjects are subjected to by the processing.

4. Manage the risks

When you identify that processing of personal data is likely to create high risks for data subjects, make sure that you manage those risks appropriately in the context.

5. Document the compliance of your developments

To be able to prove your compliance with the GDPR at all times, the actions performed and the documents produced at each stage of development must be well-managed. In practice this means regularly reviewing and updating the documentation related to your developments so that it always matches the features deployed in your program.