General Data Protection Regulation (GDPR)
As big data practitioners, we should realize the risk in manipulating data. GDPR is one of the things we should follow.
Official site: 2018 reform of EU data protection rules
Personal Data
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
[That is, if the data use in your research is anonymised, it is no longer considered as personal data]
Examples of personal data
- a name and surname;
- a home address;
- an email address such as name.surname@company.com;
- an identification card number;
- location data (for example the location data function on a mobile phone)*;
- an Internet Protocol (IP) address;
- a cookie ID*;
- the advertising identifier of your phone;
- data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.
[The tricky part is that location data is also considered as personal data, then how can we utilize location data while anonymize it.]
Steps in following GDPR
Here is demo Seven steps for businessesto get ready for the GDPR
- Check the personal data collected;
- Inform the user when collecting personal data;
- Keep personal data for only as long as necessary;
- Secure the personal data;
- Keep ducumentation on data processing;