Note, published 29 Aug 2017

In today’s issue of the ICO’s blog series on “GDPR myths”, Deputy Commissioner Steve Wood addresses the fact that upcoming privacy regulations are only an evolution of long-standing principles. In the end, it boils down to six simple principles:

Many of the fundamentals remain the same and have been known about for a long time. Fairness, transparency, accuracy, security, minimisation and respect for the rights of the individual whose data you want to process – these are all things you should already be doing with data and GDPR seeks only to build on those principles.

And indeed - the intricacies of the GDPR’s details aside, and with full awareness of the headaches its implementation is causing - when looking at it from a common sense perspective, we end up with six very simple rules that can guide the design of privacy-aware (and compliant) solutions that process individuals’ data:

  • Fairness

  • Transparency

  • Accuracy

  • Security

  • Minimisation

  • Respect

Regulation or not - these are values that every user should be able to expect in the first place.