Let’s explore what you need to know about the new data protection frameworks, and how you will need to adapt your development workflows to meet them. This article is not a comprehensive overview of the European privacy overhaul by any means; rather, it focuses on issues specific to web development.
Web developers like you have a major role to play in embracing the new frameworks as the positive tools that they are. The good news is that the obligations in the updated frameworks are not overly complex or technical, and in fact, they don’t even require lawyers. These rules are common-sense and can be immediately adopted.
Getting the process just right ain’t an easy task. That’s why we’ve set up ‘this-is-how-I-work’-sessions — with smart cookies sharing what works really well for them. A part of the Smashing Membership, of course.
The European privacy overhaul will bring positive changes to our business processes and development workflows. We all have to become more thoughtful about what data we collect, how we collect it, and what we do with it. Those changes could not have come soon enough. With data breaches and privacy violations in the headlines every day, not to mention governments expressing open malice against vulnerable citizens, our privacy obligations are as much about ethics and humanity as they are about law and policy.
In May of 2018, a major upgrade to Europe’s overarching data protection framework becomes enforceable. This will be followed by a companion piece of legislation pertaining to data in transit. The extraterritorial nature of these two frameworks — they protect the privacy rights of people in Europe regardless of where their data is collected — means that they will become the de facto standard for privacy around the world.
In this article, we’ll explore what you, as a developer, need to know about the new data protection regime. At the end, you’ll understand how the challenges posed by the privacy overhaul will ultimately help to make you a better developer.
Web developers have a major role to play here. After all, healthy data protection practice is as much about the development side — code, data, and security — as it is about the business side of process, information, and strategy.
Europe’s imminent privacy overhaul means that we all have to become more diligent about what data we collect, how we collect it, and what we do with it. In our turbulent times, these privacy obligations are about ethics as well as law.
GDPR requires you to be more thoughtful about the sites and services you build, more transparent about the ways you collect and use data, more considerate of your users, and more thorough in your development and documentation processes.
Heather Burns is a digital law specialist in Glasgow, Scotland. Her focus is researching, writing, and speaking about internet laws and policies which impact … More about Heather…