Presentation on theme: "Public Administration use of Social Networks - Data Protection Implications European Public Administration Network, Dublin Castle, 5 April 2013 Billy Hawkes."— Presentation transcript:
Public Administration use of Social Networks - Data Protection Implications European Public Administration Network, Dublin Castle, 5 April 2013 Billy Hawkes Irish Data Protection Commissioner
Social Networks (SNS) Designed for data sharing Nature of Relationship with User free service in exchange for personal data used to target advertising Issues Control over sharing and use Responsibility of User and Network
Types of Social Networks Interactive Facebook, Google+, YouTube, blogs etc Broadcast Twitter etc
European DPA Guidance (WP 163)WP 163 Processing of personal data by individual users in most cases falls within the household exemption Where an organisation is involved, it is a Data Controller SNS (and Apps providers) are also Data Controllers in relation to their responsibilities: Transparency about data use Privacy-friendly default settings Data access, retention, deletion Complaints facility
Facebook Terms & Conditions If you collect content and information directly from users, you will make it clear that you (and not Facebook) are collecting it, and you will provide notice about and obtain user consent for your use of the content and information that you collect. Regardless of how you obtain content and information from users, you are responsible for securing all necessary permissions to reuse their content and information.
Data Protection Rules (Directive 95/46/EC) Transparency (A. 10,11) adequate information Process fairly & lawfully (A.6) Consent, contract, legal obligation, vital interests, public interest task, legitimate interests (A.7) Specified, explicit and legitimate purpose (A.6) Adequate, Relevant & not excessive (A. 6) Accurate, up-to-date (A.6) Retain for no longer than is necessary (A.6) Right of Access (A. 12) Data Security (A. 17) Intl. Transfers Right to Object (A. 14) Marketing, Other Restrictions on Automated Decisions (A. 15)
New Draft EU DP Law Directly-applicable Regulation Accountability of Data Controller More Transparency Right to be Forgotten Privacy by Design
Other Legal Issues Defamation Intellectual Property HR
Issues for Public Administrations Is the SN compliant with existing data protection law? Check with DPA Will the SN be compliant with future, more stringent EU Data Protection Regulation? Is the Organisation committed to ongoing compliance as a Data Controller? Active management
Thank You! Office of the Data Protection Commissioner Canal House Station Road Portarlington Co Laois Phone: LoCall 1890 252231 057 8684800 Fax: 057 8684757 Email: email@example.com Website: www.dataprotection.ie
Your consent to our cookies if you continue to use this website.