A-Z of data protection: terms you need to know
F
fairness
• part of the first principle of the GDPR for processing personal data, which is “lawfulness, fairness, and transparency
• fairness means that individuals should be made aware that their data will be collected and how it will be used and stored. Individuals must not be misled when personal data is collected, and consent notices should not contain unfair terms. Data must be handled in ways that are reasonably expected
first-party collection
• the type of data collection where an individual directly provides data to the collector. This can be through a form or survey where the individual submits his/her data to the collector
Five Pillars of Compliance
• according to the National Privacy Commission (Philippines), the Five Pillars of Data Privacy Accountability and Compliance are:
1) Appoint a Data Protection Officer,
2) Conduct a Privacy Impact Assessment,
3) Create a Privacy Management Program,
4) Implement Data Privacy and Security Measures,
5) Be Ready in Case of a Data Breach
forced consent
• when consent is not freely given
• when consent is “forced” such that individuals must “take it or leave it”, where consent must be given in full to be able to use a product or service
freely given
• consent must be freely given. “Freely given” entails:
• giving an individual a genuine choice and control over how their data is used
• allowing an individual to refuse consent without fear or consequence
• allowing an individual to withdraw consent without fear or consequence