I thought I'd do a Tim Ferriss and come up with a regular post on five items of interest on Data Privacy.

1. Name your DPO now. Has your organization named a Data Protection Officer yet? Be reminded that time is fast running out. Today is the first day of August and, in a little over a month (September 9, to be exact), all organizations working with personal information are required to have a DPO. Note that requirement is not limited to corporations. Even religious organizations, schools, and foundations are required to comply.

2. Have that secretary's certificate ready. If your corporation is naming a DPO, please remember that a secretary's certificate attesting to the designation as having been approved by the board is required as an attachment to the registration of your personal data processing system. If your board does not meet regularly, coming up with one might be a problem. It's best to start working on this now.

3. Looking for a privacy policy to emulate? Take a look at the privacy policy of Purple, a public wifi company based in the UK. Their privacy policy is easy to understand and clearly informs the user of his/her options with respect to personal information. The same thing can be said for the website's terms and conditions of use. Purple boasts that it is the first GDPR-compliant wifi provider so it looks like they're doing something right.

4. Do you like looking at electronic billboards? You may want to rethink this as it appears that some are equipped with facial recognition functionality. A pizza shop's use of such billboard was discovered after its digital advertisement crashed. What was left was streaming data showing the information gathered from the electronic billboard watchers.

5. Finally, here's a really nice infographic on the personal data life cycle. This is based on the GDPR but it applies to the Philippines as well.

#dataprivacy #compliance #dataprotectionofficer #privacypolicy #termsandconditions #infographics #electronicbillboards