nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
Europe's data protection rules set a high bar for consent – and UK ICO welcomes your thoughts

Bronze badge
Thumb Up

Virtual nostalgia

freely given, specific, informed and unambiguous

I like that. Apply it retrospectively to sub-prime mortgages, and the global economic collapse of 2008 goes away. Both the people who signed up for the mortgages, and the people who bought the poisoned derivatives, did not give informed consent. And the people who did not inform them, largely got away scot-free with bags of lucre and no negative consequences.

10
0
Silver badge
FAIL

Re: Virtual nostalgia

Could we do that for the brexit vote as well.

Note to both sides army of comutards slavering at the prospect of down voting this post into the seventh circle of Hell, did any one get sufficient information to make an informed choice.

14
2
Anonymous Coward

Re: Virtual nostalgia

"[...] did any one get sufficient information to make an informed choice."

When in doubt about the quality of information then the status quo is usually the safest option.

The problem with the referendum is two fold.

1) a significant change like that should need a 60% majority of those who voted. That makes it a cleaner cut decision for everyone to live with the consequences.

2) Parliament knew the result was only advisory. In our representative democracy MPs should then have made a considered decision about the potential effects on society as a whole. They give the appearance of having buckled and thrown in the towel. The populace will always tend to vote for free beer if someone promises it to them in electioneering. In theory that is why the USA founding fathers created their Electoral College - as a check on a populist candidate being elected president. It was not intended as a mere rubber stamp.

9
3
Anonymous Coward

The illusion of choice

Neither option was "jettison the bourgeoisie into the ocean", so what does it matter.

8
1
Bronze badge

Re: Virtual nostalgia

Yes, I did.

0
2
Bronze badge

Re: Virtual nostalgia

"In theory that is why the USA founding fathers created their Electoral College - as a check on a populist candidate being elected president."

Bollocks. The Electoral College has nothing to do with 'populism.' It has always been about guaranteeing a majority of smaller states don't get steamrollered by a few large states.

1
0
Silver badge

Re: Virtual nostalgia

That assumes the seller has an accurately quantified the riskiness of a particular instrument. Sounds easy if you say it quickly but actually (in finance anyway) it's very difficult to do and it's a moving target. If everyone had perfect knowledge of future risk, pricing would always be a perfect representation of value and no-one would ever make a profit (or loss) trading.

0
0

And if you don't have consent...

And if you don't have consent to these standards, you must stop processing the data.

So that reliance you had years ago on the "if you do not want to hear from X, click this box twice, knock on wood and shout Beetlejuice three times" consent is not consent.

You bought a list in?  Be prepared to disclose where that came from to the subjects, and be sure that their process was compliant too.

This is one small part of GDPR, and there's lots of little Gotchas like this. I must admit I'm impressed with the ICO guidance which is clear, easy to read, and actionable.

7
0
Gold badge
Go

"the ICO guidance which is clear, easy to read, and actionable."

That actually sounds quite promising.

Let's hope more of the people should read this stuff do so.

4
0
Silver badge

Re: And if you don't have consent...

Having drawn the short straw and ended up as the name on the ICO's register as my employer's Data Protection Officer, I thought I should probably read up on what responsibilities that entailed. The ICO guidance is outstanding. I can't think of any regulator that provides clearer or more copious plain English guidance. 10/10, would register again.

4
0
Anonymous Coward

Do the governments have to follow this consent model?

Silly question.

This is a nice idea but how exactly are they going to implement it? The companies small enough will just go bump and reappear and the big companies will pay off someone in government to turn a blind eye.

How will you even know your data has been used, shared, kept wrongly and without consent? Most will just add consent to the terms and conditions when you use whatever service or buy a product if they don't already have it. I don't read the terms and conditions very often so my first born could already be sold and I would be none the wiser like most people.

The only time I ever caught someone misusing my data was to do with my car and guess who I called? That's right, the ICO and if anyone can't guess the number of shits that were given that day I would be very surprised.

0
4
Silver badge

"Most will just add consent to the terms and conditions"

As I understand it, one of the rules in GDPR is that you can't do this.

7
0
Anonymous Coward

Yes and when you accept the terms and conditions there will be extra tick boxes before you can proceed.

Yes on the left, No on the far right of the page.

0
2
Silver badge

Do the governments have to follow this consent model?

Silly question.

Yes, yes they do. And there's an independent court to make sure they do. Remember all those headlines about unelected Brussels bureaucrats refusing to let the UK gov steamroller over various human rights or fundamental rights provided by the Treaty of Rome?

3
0
Anonymous Coward

question

"most extreme cases of breaches of the regulation, organisations can be fined €20m or up to 4 per cent of the total worldwide annual turnover of the preceding financial year,"

SImple question - does it apply to both government and to government-authorised cartels such as credit ref agencies. If for example, if a reference agency shares anything with an organisation where you have not given explicit consent for that specific information to be shared, will they face the fines? If a civil servant leaves the USB drive on the train, does the government face the fine, or the individual in question?

1
0
Silver badge

Re: question

Simple answer — yes

3
0
Silver badge

Re: question

That's two questions, but (and IANAL of course, and I'm sure you're not dumb enough to get your legal advice from commentards anyway) as I understand it:

1. yes it applies to the state (which is what you mean by "government", although actually the latter is just teh politicians elected to set policy, not the civil servants toiling away in anonymous office blocks in Nuneaton, Exeter and Glasgow who do the actual work); and

2. the employer is liable, not the employee.

2
0

Re: question

Assuming that the purpose of sharing the data is one which requires consent, and not an exemption such as for the purposes of national security or crime prevention. Or that it isn't already covered on another basis, such as being required for the fulfilment of a service contract.

1
0
ADC
Facepalm

"draft guidance"

Read that as "daft guidance" - can't think why

0
0

This would put an end to the NHS's flagrant misuse of patient data without consent.

1
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing